Surat Kabar » Phpwebnews : Security Vulnerabilities, CVEs,
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-05-22
Updated
2017-09-29
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-05-22
Updated
2017-09-29
Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management Online (aka phpwebnews) 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the m_txt parameter to (1) iklan.php, (2) index.php, or (3) bukutamu.php.
Max CVSS
4.3
EPSS Score
1.19%
Published
2007-04-26
Updated
2018-10-16
3 vulnerabilities found