Vulnerabilities > Phpkobo > Ajaxnewsticker > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-28 CVE-2023-41450 Code Injection vulnerability in PHPkobo Ajaxnewsticker 1.0.5
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter.
network
low complexity
phpkobo CWE-94
8.8
8.8
2023-09-27 CVE-2023-41452 Cross-Site Request Forgery (CSRF) vulnerability in PHPkobo Ajaxnewsticker 1.0.5
Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component.
network
low complexity
phpkobo CWE-352
8.8
8.8