CVE-2005-1876

2005-06-09T04:00:00
ID CVE-2005-1876
Type cve
Reporter cve@mitre.org
Modified 2016-10-18T03:23:00

Description

Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file.