Vulnerabilities > Xpression News > Xpression News > 1.0.1

DATE CVE VULNERABILITY TITLE RISK
2007-02-21 CVE-2007-1042 Path Traversal vulnerability in Xpression News Xpression News 1.0.1
Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files or obtain sensitive information via a .. 		5.8
5.8
2007-02-21 CVE-2007-1040 Directory Traversal vulnerability in Xpression News Xpression News 1.0.1
Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote attackers to include arbitrary files or obtain sensitive information via a ..
network
low complexity
xpression-news
7.5
7.5