Approved changes feed: RSS · Atom

cpe:2.3:a:myiosoft:easynews:4.0tr:*:*:*:*:*:*:*

part: a version: 4.0tr update: *

VendorMyiosoft (2eae9d7f-d6ce-53da-8120-31a4c8841186)
ProductEasynews (4e945117-97ce-535b-8d58-2226788377ad)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2008-1651 vulnerable 2026-06-08 04:50:21.267269 Details available
Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Published: 2008-04-02T17:00:00.000Z
Updated: 2024-08-07T08:32:00.546Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-1650 vulnerable 2026-06-08 04:50:21.266915 Details available
SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action.
Published: 2008-04-02T17:00:00.000Z
Updated: 2024-08-07T08:32:00.396Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-1649 vulnerable 2026-06-08 04:50:21.266477 Details available
Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in EasyNews 4.0 allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edp_pupublish action.
Published: 2008-04-02T17:00:00.000Z
Updated: 2024-08-07T08:32:01.241Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.