Virtualsystem Vs-News-System vulnerabilities
2 known vulnerabilities affecting virtualsystem/vs-news-system.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2007-1017P3CRITICALCVSS 9.3PoC≤ 1.2.12007-02-21
CVE-2007-1017 [CRITICAL] CVE-2007-1017: PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 a
PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter.
nvd
CVE-2007-1018P4CRITICALCVSS 9.3≤ 1.2.12007-02-21
CVE-2007-1018 [CRITICAL] CVE-2007-1018: PHP remote file inclusion vulnerability in tpl/header.php in VirtualSystem VS-News-System 1.2.1 and
PHP remote file inclusion vulnerability in tpl/header.php in VirtualSystem VS-News-System 1.2.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd