Vulnerabilities > Mcnews

DATE CVE VULNERABILITY TITLE RISK
2005-05-02 CVE-2005-0800 Unspecified vulnerability in Mcnews
PHP remote file inclusion vulnerability in install.php in mcNews 1.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the l parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2005-0720.
network
low complexity
mcnews
7.5
2005-03-08 CVE-2005-0720 Code Injection vulnerability in Mcnews 1.3
PHP remote file inclusion vulnerability in admin/header.php in PHP mcNews 1.3 allows remote attackers to execute arbitrary PHP code by modifying the skinfile parameter to reference a URL on a remote web server that contains the code.
network
low complexity
mcnews CWE-94
7.5