Vulnerabilities > Null News
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-30 | CVE-2006-1534 | SQL Injection vulnerability in Null News Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via (1) the user_email parameter in (a) lostpass.php, and the (2) user_email and (3) user_username parameters in (b) sub.php and (c) unsub.php. | 7.5 |