| CVE-2007-6540 (News) |
| SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/. More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6540) |
|
| CVE-2007-6270 (Absolute News Manager.NET) |
| Multiple cross-site scripting (XSS) vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) rmore parameter to xlaabsolutenm.aspx and the (2) ... |
|
| CVE-2007-6271 (Absolute News Manager.NET) |
| Absolute News Manager.NET 5.1 allows remote attackers to obtain sensitive information via a direct request to getpath.aspx, which reveals the installation path in an error message. More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6271) |
|
| CVE-2007-6268 (Absolute News Manager.NET) |
| Directory traversal vulnerability in pages/default.aspx in Absolute News Manager.NET 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6268) |
|
