| Max CVSS | 7.5 | Min CVSS | 7.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-5640 | 7.5 |
Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the (1) answer_id or (2) question_id parameter to polls/vote.php, (3) story_id parameter to comments/add.php or (4) comments/edit.php,
|
31-12-2016 - 02:59 | 01-04-2014 - 03:24 | |
| CVE-2013-7349 | 7.5 |
Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the (1) news_id parameter to news/send.php, (2) thread_id parameter to posts/edit.php, or (3) user_email parameter to users/password.ph
|
31-12-2016 - 02:59 | 01-04-2014 - 03:25 | |
| CVE-2013-5639 | 7.5 |
Directory traversal vulnerability in users/login.php in Gnew 2013.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the gnew_language cookie. CVE-2013-5639 CVSS assessment per LFI:
https://www.htbridge.com/advisory/
|
12-03-2014 - 18:03 | 11-03-2014 - 19:37 |