GCVE - cpe:2.3:a:adbnewssender:adbnewssender:1.4.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:adbnewssender:adbnewssender:1.4.1:*:*:*:*:*:*:*

part: a version: 1.4.1 update: *

Vendor	Adbnewssender (`ad698678-9159-5e3a-a095-4d183b5763b2`)
Product	Adbnewssender (`f897d23f-1516-55a5-af6b-bcca6f3aabee`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:sourceforge/adbnewssender`	purl2cpe	2026-06-01 10:15:08.999259

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-2449`	vulnerable	2026-06-03 14:29:41.302316	Details available Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter. Published: 2009-07-13T17:00:00.000Z Updated: 2024-08-07T05:52:14.727Z Open on db.gcve.eu Reference links http://sourceforge.net/project/shownotes.php?release_id=694644 http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22 http://www.securityfocus.com/bid/35596 http://secunia.com/advisories/35845	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-2444`	vulnerable	2026-06-03 14:29:41.227427	Details available Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php. Published: 2009-07-13T14:00:00.000Z Updated: 2024-08-07T05:52:14.617Z Open on db.gcve.eu Reference links http://r00tsecurity.org/forums/index.php?showtopic=9460 http://www.vupen.com/english/advisories/2009/1808 http://sourceforge.net/project/shownotes.php?release_id=694644 http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22 http://www.securityfocus.com/bid/35596	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-6047`	vulnerable	2026-06-03 14:29:12.059433	Details available Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing. Published: 2009-02-04T15:10:00.000Z Updated: 2024-09-17T02:05:48.828Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/32903 http://sourceforge.net/project/shownotes.php?release_id=647876 http://secunia.com/advisories/33224	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Adbnewssender

PURL mappings

Vulnerability references

Contribute