Cute Editor for ASP.NET 6.4 - Cross-Site Scripting

Cute Editor for ASP.NET 6.4 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. id:...

CVE-2021-47751

CuteEditor for PHP now referred to as Rich Text Editor 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. Attackers can exploit the ServerMapPath function by renaming uploaded HTML files using...

CVE-2021-47751

CuteEditor for PHP now referred to as Rich Text Editor 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. Attackers can exploit the ServerMapPath function by renaming uploaded HTML files using...

CVE-2021-47751 CuteEditor for PHP 6.6 - Directory Traversal

CuteEditor for PHP now referred to as Rich Text Editor 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. Attackers can exploit the ServerMapPath function by renaming uploaded HTML files using...

CVE-2021-47751 CuteEditor for PHP 6.6 - Directory Traversal

CuteEditor for PHP now referred to as Rich Text Editor 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. Attackers can exploit the ServerMapPath function by renaming uploaded HTML files using...

CuteEditor for PHP 6.6 - Directory Traversal Vulnerability

Exploit Title: CuteEditor for PHP 6.6 - Directory Traversal Exploit Author: Stefan Hesselman Vendor Homepage: http://phphtmledit.com/ Software Link: http://phphtmledit.com/download/phphtmledit.zip Version: 6.6 Tested on: Windows Server 2019 CVE : N/A There is a path traversal vulnerability in the...

CuteEditor for PHP 6.6 - Directory Traversal

Exploit Title: CuteEditor for PHP 6.6 - Directory Traversal Google Dork: N/A Date: November 17th, 2021 Exploit Author: Stefan Hesselman Vendor Homepage: http://phphtmledit.com/ Software Link: http://phphtmledit.com/download/phphtmledit.zip Version: 6.6 Tested on: Windows Server 2019 CVE : N/A The...

CuteEditor For PHP 6.6 Directory Traversal

Exploit Title: CuteEditor for PHP 6.6 - Directory Traversal Google Dork: N/A Date: November 17th, 2021 Exploit Author: Stefan Hesselman Vendor Homepage: http://phphtmledit.com/ Software Link: http://phphtmledit.com/download/phphtmledit.zip Version: 6.6 Tested on: Windows Server 2019 CVE : N/A The...

GHSA-W327-WQ28-3VMF CuteSoft CuteEditor Path Traversal vulnerability

Directory traversal vulnerability in CuteSoftClient/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

CuteSoft CuteEditor Path Traversal vulnerability

Directory traversal vulnerability in CuteSoftClient/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

CuteEditor 6.6.0.0 /uploader.ashx 文件上传漏洞

No description provided by source...

CuteEditor 6.0 任意文件下载漏洞

CuteEditor是国外一款非常流行的所见即所得文字编辑器,其6.0版本存在任意文件下载漏洞，攻击者可以利用该漏洞下载任意文件。 CuteEditor 6.0...

cuteeditor editor using the method of two-vulnerability and early warning-the black bar safety net

Method 1. Direct Download load. ashx configuration file /CuteSoftClient/CuteEditor/Load. ashx? type=image&file=../../../web. config Then view some of the sql configuration information from the sql database connection to start with connectionStrings add name=”ynncConnectionString”...

Cute Editor online editor local include vulnerability xday-vulnerability warning-the black bar safety net

First, the vulnerability description: CuteEditor for ASP. NET is built on an Html Foundation, most easy-to-use, most powerful WYSIWYG Asp. net online editor. CuteEditor can help Asp. net developers to easily on the original text boxTextareacontentincluding text, images and other Html contentfor...

For Cuteeditor permeate the thinking-bug warning-the black bar safety net

By the author of the excavations, penetration cuteeditor site time if on the web. config get DB, or public permissions, for xpdirtree can not be used without worry when you can use this method successfully broke the path. To get the path of yet another party then it should be no filtering of...

cuteeditor using the method of two-vulnerability and early warning-the black bar safety net

Author: m@w01f 1. Direct Download load. ashx configuration file http://www.7747.net/CuteSoftClie ... ../../../web. config Then view some of the sql configuration information from the sql database connection to start with connectionStrings add name="ynncConnectionString" connectionString="Server=....