Lucene search
MitreCVELIST:CVE-2009-4116HistoryNov 30, 2009 - 9:00 p.m.
CVE-2009-4116
2009-11-3021:00:00
mitre
www.cve.org
Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is disabled, allow remote authenticated users with editor or administrative application access to read arbitrary files via a … (dot dot) in the source parameter in a (1) list or (2) editnews action to the Editnews module, and (3) the save_con[skin] parameter in the Options module. NOTE: vector 3 can be leveraged for code execution by using a … to include and execute arbitrary local files.
Related
nvd
nvd
CVE-2009-4116
2009-11-30 21:30:00
cve
cve
CVE-2009-4116
2009-11-30 21:30:00
prion
prion
Directory traversal
2009-11-30 21:30:00
openvas
openvas
CuteNews/UTF-8 CuteNews Multiple Vulneablities
2009-12-08 00:00:00
CuteNews/UTF-8 CuteNews Multiple Vulnerabilities
2009-12-08 00:00:00