Vulnerabilities > Dotnetindex > Active News Manager
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-24 | CVE-2006-6096 | Cross-Site Scripting vulnerability in Dotnetindex Active News Manager Cross-site scripting (XSS) vulnerability in activenews_search.asp in ActiveNews Manager allows remote attackers to inject arbitrary web script or HTML via the query parameter. | 4.3 |
2006-11-24 | CVE-2006-6095 | SQL Injection vulnerability in Dotnetindex Active News Manager Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) articleID parameter to activenews_view.asp or the (2) page parameter to default.asp. | 7.5 |