CVE-2005-3507

2005-11-06T11:02:00
ID CVE-2005-3507
Type cve
Reporter cve@mitre.org
Modified 2011-03-08T02:26:00

Description

Directory traversal vulnerability in CuteNews 1.4.1 allows remote attackers to include arbitrary files, execute code, and gain privileges via "../" sequences in the template parameter to (1) show_archives.php and (2) show_news.php.