Vulnerabilities > Fscripts > Fantastic News > 2.1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-11 | CVE-2006-4671 | Code Injection vulnerability in Fscripts Fantastic News 2.1.1/2.1.2/2.1.3 PHP remote file inclusion vulnerability in headlines.php in Fantastic News 2.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[script_path] parameter, a different vector than CVE-2006-1154. | 6.8 |
2006-08-22 | CVE-2006-4285 | Code Injection vulnerability in Fscripts Fantastic News PHP remote file inclusion vulnerability in news.php in Fantastic News 2.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[script_path] parameter. | 7.5 |
2006-03-10 | CVE-2006-1154 | Code Injection vulnerability in Fscripts Fantastic News 2.1.1/2.1.2/2.1.4 PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. | 7.5 |