Lucene search
+L

31 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-26719

Malware in sbrugna...

6.1CVSS6.3AI score0.00773EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-3656

Malware in sbrugna...

2.6CVSS6.4AI score0.00887EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-2395

Malware in sbrugna...

5CVSS6.4AI score0.01306EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-3591

Malware in sbrugna...

5CVSS6.4AI score0.01181EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-2394

Malware in sbrugna...

4.3CVSS6.4AI score0.00992EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.4 views

CVE-2020-5557

Cross-site scripting vulnerability in CuteNews 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.5AI score0.00773EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

CuteNews 1.3 Comment HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10750/info CutePHP is reported prone to an HTML injection vulnerability. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, user-supplied input to comment posts are not...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.54 views

CuteNews 0.88 comments.php Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers. Under some circumstances, it is possible for remote attackers to influence the include path for several...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

CuteNews 1.4.1 search.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17850/info CuteNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacker may leverage these issues to have...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/11/10 12:0 a.m.33 views

CuteNews 1.4.6 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/01/07 12:0 a.m.27 views

CuteNews 1.1.1 (html.php) Remote Code Execution Vulnerability

No description provided by source. ---- CuteNews Remote Code Execution ... ITDefence.ru Antichat.ru Strawberry CuteNews Remote Code Execution Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /\ &nbs...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/12/24 12:0 a.m.54 views

[waraxe-2007-SA#060] - Sensitive info disclosure in CuteNews <= 1.4.5

waraxe-2007-SA060 - Sensitive info disclosure in CuteNews = 1.4.5 ===================================================================== Author: Janek Vind "waraxe" Date: 24. December 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-60.html Vulnerable software description: Cute new...

7.6AI score
Exploits0
NVD
NVD
added 2006/04/20 6:6 p.m.18 views

CVE-2006-1925

Directory traversal vulnerability in the editnews module inc/editnews.mdu in index.php in CuteNews 1.4.1 allows remote attackers to read or modify files via the source parameter in the 1 editnews or 2 doeditnews action. NOTE: this can also produce resultant XSS when the target file does not exist...

4.3CVSS5.9AI score0.01803EPSS
Exploits1References5
CVE
CVE
added 2005/11/06 11:0 a.m.59 views

CVE-2005-3507

CVE-2005-3507 affects CuteNews 1.4.1. The vulnerability is a directory traversal in the template parameter for show_archives.php and show_news.php, allowing remote attackers to include arbitrary files and potentially execute PHP code via "../" sequences. OpenVAS NASL cites privilege escalation/re...

5CVSS7.2AI score0.12449EPSS
Exploits1References7Affected Software1
exploitpack
exploitpack
added 2005/11/02 12:0 a.m.13 views

CuteNews 1.4.1 - show_archives.php Traversal Arbitrary File Access

CuteNews 1.4.1 - showarchives.php Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15295/info CuteNews is affected by a directory traversal vulnerability. An unauthorized attacker can retrieve or upload arbitrary files by supplying directory traversal strings '../' throug...

Exploits0
Exploit DB
Exploit DB
added 2005/11/02 12:0 a.m.21 views

CuteNews 1.4.1 - 'show_archives.php' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/15295/info CuteNews is affected by a directory traversal vulnerability. An unauthorized attacker can retrieve or upload arbitrary files by supplying directory traversal strings '../' through an affected URI parameter. Exploitation of this vulnerability...

7.4AI score
Exploits0
Vulnrichment
Vulnrichment
added 2005/06/07 8:0 a.m.7 views

CVE-2005-1876

Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template .tpl file...

8.4AI score0.0058EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/03/04 5:0 a.m.27 views

CVE-2005-0645

Cross-site scripting XSS vulnerability in show.inc.php in cuteNews 1.3.6 allows remote attackers to inject arbitrary HTML, web script, and PHP code via the 1 CLIENT-IP or 2 X-FORWARDED-FOR header in an HTTP POST request to shownews.php...

6.1AI score0.00938EPSS
Exploits0References2
NVD
NVD
added 2004/12/31 5:0 a.m.18 views

CVE-2004-2615

The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact...

4.6CVSS6.6AI score0.00331EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/09/06 12:0 a.m.40 views

CuteNews index.php mod Parameter XSS

The version of CuteNews installed on the remote host is vulnerable to a cross-site scripting XSS attack. An attacker, exploiting this flaw, would need to be able to coerce a user to browse to a purposefully malicious URI. Upon successful exploitation, the attacker would be able to run code within...

4.3CVSS5.3AI score0.03589EPSS
Exploits1References2
Rows per page
Query Builder