Php Arena Panews vulnerabilities
2 known vulnerabilities affecting php_arena/panews.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2005-0647P4MEDIUMCVSS 5.0PoCv2.0.4b2005-05-02
CVE-2005-0647 [MEDIUM] CVE-2005-0647: admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $f
admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php.
nvd
CVE-2005-0646P4HIGHCVSS 7.5v2.0.4b2005-05-02
CVE-2005-0646 [HIGH] CVE-2005-0646: SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrar
SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
nvd