Vulnerabilities > Corenews
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-26 | CVE-2006-2033 | Input Validation vulnerability in Corenews 2.0.1 PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter. | 6.4 |
2006-04-26 | CVE-2006-2032 | Input Validation vulnerability in CoreNews Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) icon_id and (2) userid parameters in preview.php. | 6.4 |
2006-03-14 | CVE-2006-1212 | Remote Code Execution vulnerability in Corenews 2.0.1 Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via the page parameter, possibly due to a PHP remote file include vulnerability. | 7.5 |