Vulnerabilities > Corenews

DATE CVE VULNERABILITY TITLE RISK
2006-04-26 CVE-2006-2033 Input Validation vulnerability in Corenews 2.0.1
PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter.
network
low complexity
corenews
6.4
2006-04-26 CVE-2006-2032 Input Validation vulnerability in CoreNews
Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) icon_id and (2) userid parameters in preview.php.
network
low complexity
corenews
6.4
2006-03-14 CVE-2006-1212 Remote Code Execution vulnerability in Corenews 2.0.1
Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via the page parameter, possibly due to a PHP remote file include vulnerability.
network
low complexity
corenews
7.5