Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka Solucija News) 1.4 allows remote attackers to inject arbitrary web script or HTML via the search_query parameter.
Max CVSS
4.3
EPSS Score
0.59%
Published
2006-07-28
Updated
2017-07-20
SQL injection vulnerability in index.php in sNews 1.3 allows remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters.
Max CVSS
7.5
EPSS Score
0.54%
Published
2006-02-15
Updated
2018-10-19
Cross-site scripting (XSS) vulnerability in sNews 1.3 allows remote attackers to inject arbitrary web script or HTML via the comment field.
Max CVSS
4.3
EPSS Score
0.32%
Published
2006-02-15
Updated
2018-10-19
3 vulnerabilities found