Every CVE whose affected-product data names Ashwebstudio Ashnews, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2003-1292 — CVSS 5.0 (medium): PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to include and execute arbitrary remote files…
CVE-2006-0524 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in ashnews.php in Derek Ashauer ashNews 0.83 allows remote attackers to inject arbitrary web…