CuteNews Editnews Function source Variable Traversal

2006-04-18T05:57:15
ID OSVDB:25236
Type osvdb
Reporter OSVDB
Modified 2006-04-18T05:57:15

Description

Vulnerability Description

CuteNews contains a flaw that allows a remote attacker to manipulate arbitrary files outside of the web path. The issue is due to the Editnews functionality not properly sanitizing user input, specifically directory traversal sequences (../../) supplied via the 'source' variable. Additionally, depending on the PHP configuration, this may be used to conduct cross-site scripting attacks.
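As an added illustration (not CuteNews's own code; the data directory, constant and function names are assumptions), a PHP sketch of the unsafe pattern the advisory describes next to a hardened replacement that confines the 'source' parameter to the news data directory and refuses to reflect a rejected value back to the client:

```php
<?php
// Added example, not CuteNews code. Directory layout and names are assumed.
define('NEWS_DATA_DIR', __DIR__ . '/data');   // assumed location of news files

// Vulnerable pattern: 'source' is concatenated into the path unchanged, so a
// value such as "../../etc/passwd%00" style sequences ("../../") walk out of
// the data directory and reach arbitrary files the web server can access.
function news_file_unsafe(string $source): string
{
    return NEWS_DATA_DIR . '/' . $source . '.txt';
}

// Hardened pattern: allow only a simple file name, resolve the path, and then
// verify the resolved path still lies inside the data directory.
function news_file_safe(string $source): ?string
{
    // Letters, digits, underscore and hyphen only: no slashes, no dot segments.
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $source)) {
        return null;
    }
    $base = realpath(NEWS_DATA_DIR);
    $path = realpath(NEWS_DATA_DIR . '/' . $source . '.txt');
    // realpath() returns false when the file does not exist; treat that and any
    // resolution outside $base (e.g. via a symlink) as a rejection.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Handler sketch: fail closed and never echo the rejected parameter, which also
// avoids reflecting it into an error message (the XSS angle the advisory notes).
$source = $_GET['source'] ?? '';
$file = news_file_safe($source);
if ($file === null) {
    http_response_code(400);
    exit('invalid news source');
}
// ... read or edit $file here ...
```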

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0557.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0421.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0372.html
CVE-2006-1925
Bugtraq ID: 17592