Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Php Arena Subscribe
Filtered by product Panews
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-0646 1 Php Arena 1 Panews 2016-10-17 7.5 HIGH N/A
SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
CVE-2005-0647 1 Php Arena 1 Panews 2016-10-17 5.0 MEDIUM N/A
admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php.