Every CVE whose affected-product data names Bosdev Bosnews, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2008-4703 — CVSS 7.5 (high): SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article…
CVE-2007-5835 — CVSS 5.0 (medium): Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new…
CVE-2007-5834 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT…