CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-0692

DGNews 2.1 allows remote attackers to obtain sensitive information via a fullnews request to news.php with an invalid newsid parameter, and other unspecified vectors, which reveal the path in various error messages.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.8%

CVSS Severity

CVSS v2 Score 5.0

References

http://securityreason.com/securityalert/2741
http://www.netvigilance.com/advisory0021
http://www.osvdb.org/34226
http://www.securityfocus.com/archive/1/469826/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/34540
http://securityreason.com/securityalert/2741
http://www.netvigilance.com/advisory0021
http://www.osvdb.org/34226
http://www.securityfocus.com/archive/1/469826/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/34540

Products affected by CVE-2007-0692

Dgnews » Dgnews » Version: 2.1

cpe:2.3:a:dgnews:dgnews:2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0692

Products

Pricing

Contact Us