Vulnerabilities > Xpression News > Xpression News
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-21 | CVE-2007-1042 | Path Traversal vulnerability in Xpression News Xpression News 1.0.1 Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files or obtain sensitive information via a .. | 5.8 |
2007-02-21 | CVE-2007-1040 | Directory Traversal vulnerability in Xpression News Xpression News 1.0.1 Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote attackers to include arbitrary files or obtain sensitive information via a .. | 7.5 |