Psnews : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in news/show.php in PsNews 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newspath parameter.
Max CVSS
6.4
EPSS Score
1.95%
Published
2007-07-15
Updated
2017-09-29
Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter.
Max CVSS
4.3
EPSS Score
0.26%
Published
2004-09-05
Updated
2017-07-11
2 vulnerabilities found