Filtered by vendor Dgnews
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0692 | 1 Dgnews | 1 Dgnews | 2024-02-28 | 5.0 MEDIUM | N/A |
| DGNews 2.1 allows remote attackers to obtain sensitive information via a fullnews request to news.php with an invalid newsid parameter, and other unspecified vectors, which reveal the path in various error messages. | |||||
| CVE-2006-2695 | 1 Dgnews | 1 Dgnews | 2024-02-28 | 5.1 MEDIUM | N/A |
| admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory. | |||||