GCVE - cpe:2.3:a:xigla:absolute_news_manager.net:5.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:xigla:absolute_news_manager.net:5.1:*:*:*:*:*:*:*

part: a version: 5.1 update: *

Vendor	Xigla (`85dbf2c2-da43-5291-829b-acb2edbf4432`)
Product	Absolute News Manager.Net (`dff21169-a9c9-538b-9489-8be329e4690b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-6856`	vulnerable	2026-06-03 14:29:19.687652	Details available Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Published: 2009-07-14T14:00:00.000Z Updated: 2024-08-07T11:42:00.660Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/46301 http://www.securityfocus.com/bid/32024 https://www.exploit-db.com/exploits/6900 http://secunia.com/advisories/32472	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-6271`	vulnerable	2026-06-03 14:28:29.231722	Details available Absolute News Manager.NET 5.1 allows remote attackers to obtain sensitive information via a direct request to getpath.aspx, which reveals the installation path in an error message. Published: 2007-12-07T11:00:00.000Z Updated: 2024-08-07T16:02:35.898Z Open on db.gcve.eu Reference links http://www.procheckup.com/Vulnerability_PR07-39.php http://www.securityfocus.com/bid/26692 http://securityreason.com/securityalert/3421 http://www.securityfocus.com/archive/1/484560/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/38874	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-6270`	vulnerable	2026-06-03 14:28:29.231409	Details available Multiple cross-site scripting (XSS) vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) rmore parameter to xlaabsolutenm.aspx and the (2) template parameter to pages/default.aspx. Published: 2007-12-07T11:00:00.000Z Updated: 2024-08-07T16:02:36.295Z Open on db.gcve.eu Reference links http://www.procheckup.com/Vulnerability_PR07-39.php http://www.xigla.com/news/default.aspx http://www.securityfocus.com/bid/26692 http://osvdb.org/40578 https://exchange.xforce.ibmcloud.com/vulnerabilities/38872	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-6269`	vulnerable	2026-06-03 14:28:29.231042	Details available Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the (1) z, (2) pz, (3) ord, and (4) sort parameters. Published: 2007-12-07T11:00:00.000Z Updated: 2024-08-07T16:02:36.831Z Open on db.gcve.eu Reference links http://www.procheckup.com/Vulnerability_PR07-39.php https://exchange.xforce.ibmcloud.com/vulnerabilities/38871 http://osvdb.org/40576 http://www.xigla.com/news/default.aspx http://www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-6268`	vulnerable	2026-06-03 14:28:29.230606	Details available Directory traversal vulnerability in pages/default.aspx in Absolute News Manager.NET 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. Published: 2007-12-07T11:00:00.000Z Updated: 2024-08-07T16:02:36.036Z Open on db.gcve.eu Reference links http://www.procheckup.com/Vulnerability_PR07-39.php http://osvdb.org/40575 http://www.securityfocus.com/bid/26692 http://www.xigla.com/news/default.aspx http://www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Absolute News Manager.Net

PURL mappings

Vulnerability references

Contribute