CutePHP CuteNews 路径遍历漏洞

CutePHP CuteNews is a news management system. The system has features such as search, file upload management, access control, backup and restore. A path traversal vulnerability exists in CutePHP CuteNews version 6.6, which stems from a directory traversal in the Browse Templates feature that coul...

CVE-2019-11447

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content of a...

EUVD-2009-4086

Malware in sbrugna...

EUVD-2009-4143

Malware in sbrugna...

EUVD-2009-4145

Malware in sbrugna...

EUVD-2009-4142

Malware in sbrugna...

EUVD-2009-4219

Malware in sbrugna...

EUVD-2009-4087

Malware in sbrugna...

EUVD-2009-4218

Malware in sbrugna...

EUVD-2009-4144

Malware in sbrugna...

EUVD-2009-4084

Malware in sbrugna...

Exploit for Unrestricted Upload of File with Dangerous Type in Cutephp Cutenews

CVE-2019-11447 CutePHP Cute News 2.1.2 RCE PoC Target :...

Exploit for Unrestricted Upload of File with Dangerous Type in Cutephp Cutenews

CVE-2019-11447 - PoC Exploits CuteNews 2.1.2 via poor file up...

CutePHP Cutenews Remote Code Execution (CVE-2019-11447)

A remote code execution vulnerability exists in CutePHP CuteNews. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CutePHP CuteNews Cross-Site Scripting Vulnerability

CutePHP CuteNews is a news management system. The system has features such as search, file upload management, access control, backup and restore. A cross-site scripting vulnerability exists in CutePHP CuteNews version 2.0.1. A remote attacker can exploit this vulnerability to inject arbitrary web...

CutePHP CuteNews Injection Vulnerability

CutePHP CuteNews is a news management system. The system has features such as search, file upload management, access control, backup and restore. An injection vulnerability exists in CutePHP CuteNews version 2.0.1. A remote attacker can exploit this vulnerability to execute arbitrary PHP code...

JVN#58176087: Cute News vulnerable to PHP code execution

Cute News provided by CutePHP.com is a system to manage news. Cute News contains a PHP code execution vulnerability CWE-94. Impact A user who can login to CuteNews may execute arbitrary PHP code. Solution Consider stop using Cute News 2.1.2 Since the developer was unreachable, existence of any...

CVE-2019-11447

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content ...

Design/Logic Flaw

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content ...

CVE-2019-11447

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content ...