3 results (0.007 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information, such as the installation path, via a mail[] parameter with invalid values. index.php en Vincent Leclercq News 5.2 permite a los atacantes remotos obtener información sensible, como la ruta de instalación, a través del parámetro mail[] con valores no válidos. • http://secunia.com/advisories/20936 http://www.acid-root.new.fr/advisories/news52.txt http://www.securityfocus.com/archive/1/438859/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/27506 •

CVSS: 5.1EPSS: 1%CPEs: 1EXPL: 2

SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) texte parameters. Vulnerabilidad de inyección SQL en divers.php en Vincent Leclercq News 5.2 permite a atacantes remotos ejecutar comandos SQL de su elección a través del (1) identificador y (2) parámetros de texto. • http://secunia.com/advisories/20936 http://www.acid-root.new.fr/advisories/news52.txt http://www.securityfocus.com/archive/1/438859/100/0/threaded http://www.securityfocus.com/bid/18775 http://www.vupen.com/english/advisories/2006/2642 https://exchange.xforce.ibmcloud.com/vulnerabilities/27504 •

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 2

Cross-site scripting (XSS) vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) id and (2) disabled parameters. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en divers.php en Vincent Leclercq News v5.2 permite a atacantes remotos inyectar web script o HTML de su elección a través de los parámetros (1) id y (2) disabled. • https://www.exploit-db.com/exploits/28146 http://secunia.com/advisories/20936 http://www.acid-root.new.fr/advisories/news52.txt http://www.securityfocus.com/archive/1/438859/100/0/threaded http://www.securityfocus.com/bid/18775 http://www.vupen.com/english/advisories/2006/2642 https://exchange.xforce.ibmcloud.com/vulnerabilities/27505 •