Vulnerabilities > Newsscriptphp

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-24	CVE-2020-25475	SQL Injection vulnerability in Newsscriptphp News Script PHP PRO 2.3 SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action. network low complexity newsscriptphp CWE-89 critical	9.8
2020-11-24	CVE-2020-25474	Cross-site Scripting vulnerability in Newsscriptphp News Script PHP PRO 2.3 SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter. network low complexity newsscriptphp CWE-79	6.1
2020-11-24	CVE-2020-25473	Unspecified vulnerability in Newsscriptphp News Script PHP PRO 2.3 SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies. network low complexity newsscriptphp	6.5
2020-11-24	CVE-2020-25472	Cross-Site Request Forgery (CSRF) vulnerability in Newsscriptphp News Script PHP PRO 2.3 SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users. network low complexity newsscriptphp CWE-352	6.5

Vulnerabilities > Newsscriptphp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Newsscriptphp"}]}