Vulnerabilities (CVE)

Filtered by vendor Virtualsystem Subscribe
Filtered by product Vs-news-system
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1018 1 Virtualsystem 1 Vs-news-system 2024-11-21 9.3 HIGH N/A
PHP remote file inclusion vulnerability in tpl/header.php in VirtualSystem VS-News-System 1.2.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1017 1 Virtualsystem 1 Vs-news-system 2024-11-21 9.3 HIGH N/A
PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter.