Netwin Webnews vulnerabilities
3 known vulnerabilities affecting netwin/webnews.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2006-5100P3HIGHCVSS 7.5PoCv1.1hv1.1i+3 more2006-10-03
CVE-2006-5100 [HIGH] CVE-2006-5100: PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earli
PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.
nvd
CVE-2002-0310P4HIGHCVSS 7.5v1.1hv1.1i+2 more2002-05-31
CVE-2002-0310 [HIGH] CVE-2002-0310: Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cann
Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.
nvd
CVE-2002-0290P4HIGHCVSS 7.5v1.1hv1.1i+1 more2002-05-31
CVE-2002-0290 [HIGH] CVE-2002-0290: Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute a
Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument.
nvd