Vulnerabilities > Netwin > Webnews

DATE CVE VULNERABILITY TITLE RISK
2006-10-03 CVE-2006-5100 Remote File Include vulnerability in Web//News Parser.PHP
PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.
network
low complexity
netwin
7.5
2002-05-31 CVE-2002-0310 Unspecified vulnerability in Netwin Webnews
Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.
network
low complexity
netwin
7.5
2002-05-31 CVE-2002-0290 Remote Buffer Overflow vulnerability in Netwin Webnews 1.1H/1.1I/1.1J
Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument.
network
low complexity
netwin
7.5