← Back

Cm68 News

cm68_news

Vendor: Cm68 News • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2006-6544
1Cm68 News
1Cm68 News
Apr 23, 2026
Dec 14, 2006
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in CM68 News allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained...Show more
Cross-site scripting (XSS) vulnerability in CM68 News allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2006-6462
1Cm68 News
1Cm68 News
Apr 23, 2026
Dec 11, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in engine/oldnews.inc.php in CM68 News 12.02.06 allows remote attackers to execute arbitrary PHP code via a URL in the addpath parameter.