| Max CVSS | 5.1 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1641 | 5.1 |
Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote attackers to execute arbitrary SQL commands via the (1) usern or (2) passw parameters to (a) cn_auth.php, (3) s parameter to (b) news.php, or (4) a parameter to (c) dpost.php. Succe
|
18-10-2018 - 16:33 | 06-04-2006 - 10:04 | |
| CVE-2006-1640 | 2.6 |
Cross-site scripting (XSS) vulnerability in news.php in CzarNews 1.14 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
|
18-10-2018 - 16:33 | 06-04-2006 - 10:04 |