Dian Gemilang Dgnews vulnerabilities
3 known vulnerabilities affecting dian_gemilang/dgnews.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2007-0693P3MEDIUMCVSS 6.8PoCv1.5.1v2.12007-05-30
CVE-2007-0693 [MEDIUM] CVE-2007-0693: SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary S
SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newslist action. NOTE: this issue can produce resultant cross-site scripting (XSS).
nvd
CVE-2007-0694P4MEDIUMCVSS 4.3PoCv2.12007-05-30
CVE-2007-0694 [MEDIUM] CVE-2007-0694: Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 allows remote attackers to inje
Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 allows remote attackers to inject arbitrary web script or HTML via the copyright parameter.
nvd
CVE-2007-2994P3HIGHCVSS 7.5v2.12007-06-04
CVE-2007-2994 [HIGH] CVE-2007-2994: SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary S
SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a fullnews action, a different vector than CVE-2007-0693.
nvd