Every CVE whose affected-product data names 1two 1two News, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2005-1583 — CVSS 5.0 (medium): 1Two News 1.0 allows remote attackers to (1) delete images for new stories via a direct request to admin/delete.php or (2) upload arbitrary…
CVE-2005-1582 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in index.php for 1Two News 1.0 allows remote attackers to inject arbitrary web script or HTML via…