News Evolution

DATE	CVE	VULNERABILITY TITLE	RISK
2002-12-31	CVE-2002-2249	Code Injection vulnerability in PHP Evolution News Evolution 1.0/2.0 PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote attackers to execute arbitrary PHP commands via the neurl parameter to (1) backend.php, (2) screen.php, or (3) admin/modules/comment.php. network low complexity php-evolution CWE-94	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.