Vulnerabilities (CVE)

Filtered by vendor Netwin Subscribe
Filtered by product Webnews
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-5100 1 Netwin 1 Webnews 2024-11-21 7.5 HIGH N/A
PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.
CVE-2002-0310 1 Netwin 1 Webnews 2024-11-20 7.5 HIGH N/A
Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.
CVE-2002-0290 1 Netwin 1 Webnews 2024-11-20 7.5 HIGH N/A
Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument.