Adminnewstools Admin News Tools : Security vulnerabilities, CVEs

CVE-2009-2558

system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote attackers to post news messages via a direct request.

Max CVSS

7.5

EPSS Score

2.21%

Published

2009-07-21

Updated

2017-09-19

CVE-2009-2557

Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter.

Max CVSS

5.0

EPSS Score

0.96%

Published

2009-07-21

Updated

2018-10-10

2 vulnerabilities found

Adminnewstools » Admin News Tools : Security Vulnerabilities, CVEs,

CVE-2009-2558

CVE-2009-2557