This page aggregates publicly disclosed CVE and security risk information related to adminnewstools, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2009-2558 | system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote attackers to post news messages via a direct request. | [email protected] | 7.5 | 2.42% | 2009-07-21 | 2026-04-23 |
| CVE-2009-2557 | Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter. | [email protected] | 5.0 | 6.78% | 2009-07-21 | 2026-04-23 |