| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-4679 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the f_user_name parameter.
|
29-08-2017 - 01:32 | 27-08-2012 - 21:55 | |
| CVE-2012-1934 | 7.5 |
SQL injection vulnerability in admin/country/edit.php in Newscoop before 3.5.5 and 4.x before 4 RC4 allows remote attackers to execute arbitrary SQL commands via the f_country_code parameter.
|
29-08-2017 - 01:31 | 27-08-2012 - 21:55 | |
| CVE-2012-1935 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 RC4 allow remote attackers to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email paramete
|
29-08-2017 - 01:31 | 27-08-2012 - 21:55 | |
| CVE-2012-1933 | 6.8 |
Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) includ
|
29-08-2017 - 01:31 | 27-08-2012 - 21:55 |