CVE-2004-1660

2005-02-2005:00:00

mitre

www.cve.org

AI Score

7.5

Confidence

Low

EPSS

0.016

Percentile

87.3%

JSON

PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier allows remote attackers to execute arbitrary PHP code via the cutepath parameter to (1) show_archives.php or (2) show_news.php.

References

seclists.org/lists/bugtraq/2004/Sep/0014.html

secunia.com/advisories/12432

www.7a69ezine.org/node/view/130

exchange.xforce.ibmcloud.com/vulnerabilities/17288