Skintech » Phpnewsmanager : Security Vulnerabilities, CVEs, CVSS score >= 3
Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly (1) id and (2) topicid, in (a) browse.php, (b) category.php, (c) gallery.php, (d) poll.php, and (e) possibly other unspecified scripts. NOTE: portions of the description details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.73%
Published
2006-03-31
Updated
2018-10-18
Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. (dot dot) sequences in the clang parameter.
Max CVSS
5.0
EPSS Score
1.71%
Published
2004-11-23
Updated
2017-07-11
2 vulnerabilities found