Wanewsletter vulnerabilities
2 known vulnerabilities affecting wanewsletter/wanewsletter.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2007-2969P2HIGHCVSS 7.5PoC≤ 2.1.32007-06-01
CVE-2007-2969 [HIGH] CVE-2007-2969: PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows r
PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the waroot parameter.
nvd
CVE-2010-4940P3HIGHCVSS 7.5PoCv2.1.22011-10-09
CVE-2010-4940 [HIGH] CWE-89 CVE-2010-4940: SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute ar
SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd