Vulnerabilities (CVE)

Filtered by vendor Dgnews Subscribe
Filtered by product Dgnews
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-0692 1 Dgnews 1 Dgnews 2024-02-28 5.0 MEDIUM N/A
DGNews 2.1 allows remote attackers to obtain sensitive information via a fullnews request to news.php with an invalid newsid parameter, and other unspecified vectors, which reveal the path in various error messages.
CVE-2006-2695 1 Dgnews 1 Dgnews 2024-02-28 5.1 MEDIUM N/A
admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory.