Skip to main content

News Script Php Pro

5 CVEs product

Monthly

CVE-2023-3537 MEDIUM This Month

A vulnerability classified as problematic has been found in SimplePHPscripts News Script PHP Pro 2.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS News Script Php Pro
NVD VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2020-25475 CRITICAL Act Now

SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP News Script Php Pro
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2020-25474 MEDIUM This Month

SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP News Script Php Pro
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-25473 MEDIUM This Month

SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP News Script Php Pro
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-25472 MEDIUM This Month

SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP News Script Php Pro
NVD
CVSS 3.1
6.5
EPSS
0.5%
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability classified as problematic has been found in SimplePHPscripts News Script PHP Pro 2.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS News Script Php Pro
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP News Script Php Pro
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP News Script Php Pro
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP News Script Php Pro
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP News Script Php Pro
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy