Surat Kabar Phpwebnews vulnerabilities
3 known vulnerabilities affecting surat_kabar/phpwebnews.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-6813P3HIGHCVSS 7.5PoCv0.22009-05-22
CVE-2008-6813 [HIGH] CWE-89 CVE-2008-6813: SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
nvd
CVE-2008-6812P3HIGHCVSS 7.5PoC≤ 0.2v0.12009-05-22
CVE-2008-6812 [HIGH] CWE-89 CVE-2008-6812: SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
nvd
CVE-2007-2300P4MEDIUMCVSS 4.3PoCv0.1v0.22007-04-26
CVE-2007-2300 [MEDIUM] CVE-2007-2300: Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management
Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management Online (aka phpwebnews) 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the m_txt parameter to (1) iklan.php, (2) index.php, or (3) bukutamu.php.
nvd