Vulnerabilities > Newanz
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-07-25 | CVE-2010-2844 | Cross-Site Scripting vulnerability in Newanz Newsoffice 2.0.18 Cross-site scripting (XSS) vulnerability in news_show.php in Newanz NewsOffice 2.0.18 allows remote attackers to inject arbitrary web script or HTML via the n-cat parameter. | 4.3 |
2008-04-22 | CVE-2008-1903 | Code Injection vulnerability in Newanz Newsoffice 1.0/1.1 PHP remote file inclusion vulnerability in news_show.php in Newanz NewsOffice 1.0 and 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsoffice_directory parameter. | 7.5 |