Vulnerabilities > Surat Kabar
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-05-22 | CVE-2008-6813 | SQL Injection vulnerability in Surat Kabar PHPwebnews 0.2 SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter. | 7.5 |
2009-05-22 | CVE-2008-6812 | SQL Injection vulnerability in Surat Kabar PHPwebnews 0.1 SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter. | 7.5 |
2007-04-26 | CVE-2007-2300 | Cross-Site Scripting vulnerability in Surat Kabar PHPwebnews 0.1/0.2 Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management Online (aka phpwebnews) 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the m_txt parameter to (1) iklan.php, (2) index.php, or (3) bukutamu.php. network surat-kabar | 4.3 |