Vulnerabilities (CVE)

Filtered by vendor Newanz Subscribe
Filtered by product Newsoffice
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-2844 1 Newanz 1 Newsoffice 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in news_show.php in Newanz NewsOffice 2.0.18 allows remote attackers to inject arbitrary web script or HTML via the n-cat parameter.
CVE-2008-1903 1 Newanz 1 Newsoffice 2024-11-21 7.5 HIGH N/A
PHP remote file inclusion vulnerability in news_show.php in Newanz NewsOffice 1.0 and 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsoffice_directory parameter.