MidnightBSD

Advisories for newsbee_project

CVE-2017-5971 HIGH

SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
newsbee_project newsbee -
CVE-2018-5687 LOW

NewsBee allows XSS via the Company Name field in the Settings under admin/admin.php.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
newsbee_project newsbee -