Vulnerabilities > Cutephp > Cutenews > 2.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-25 | CVE-2020-5558 | Injection vulnerability in Cutephp Cutenews 2.0.1 CuteNews 2.0.1 allows remote authenticated attackers to execute arbitrary PHP code via unspecified vectors. | 9.0 |
2020-03-25 | CVE-2020-5557 | Cross-site Scripting vulnerability in Cutephp Cutenews 2.0.1 Cross-site scripting vulnerability in CuteNews 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |