Every CVE whose affected-product data names Easyscripts Easynews, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2001-1437 — CVSS 7.5 (high): easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message…
CVE-2001-1525 — CVSS 5.0 (medium): Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat…
CVE-2001-1526 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject…
CVE-2001-1527 — CVSS 2.1 (low): easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows local users to obtain the passwords and…