CVE-2008-1957

Tr Script News 2.1 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in news.php in Tr Script News 2.1 allows remote attackers to execute arbitrary SQL commands via the nb parameter in voir mode.

Exploits (1)

exploitdb WORKING POC VERIFIED
by His0k4 · textwebappsphp
https://www.exploit-db.com/exploits/5483

References (5)

Scores

EPSS 0.0072
EPSS Percentile 72.1%

Classification

CWE
CWE-89
Status draft

Affected Products (1)

easyscripts/tr_script_news

Timeline

Published Apr 25, 2008
Tracked Since Feb 18, 2026