Every CVE whose affected-product data names X-dev Xnews, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2007-0569 — CVSS 7.5 (high): SQL injection vulnerability in xNews.php in xNews 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a…
CVE-2007-0630 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in the generate_csv function in classes/class.news.php in X-dev xNews 1.3 and earlier allow remote…