Vulnerabilities > Expinion NET > Inews Publisher
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-04 | CVE-2006-6274 | Cross-Site Scripting vulnerability in Expinion.net iNews Publisher Articles.ASP SQL injection vulnerability in articles.asp in Expinion.net iNews (1) Publisher (iNP) 2.5 and earlier, and possibly (2) News Manager, allows remote attackers to execute arbitrary SQL commands via the ex parameter. network expinion-net | 6.8 |
2006-12-01 | CVE-2006-6180 | Cross-Site Scripting vulnerability in Expinion.net iNews Publisher Articles.ASP Cross-site scripting (XSS) vulnerability in articles.asp in Expinion.net iNews Publisher (iNP) 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the hl parameter. network expinion-net | 6.8 |