Cutenews@1.4.1 Security Vulnerabilities and Issues — Cutenews@1.4.1 CVE List

Lucene search

CutephpCutenews1.4.1

4 matches found

CVE•added 2006/05/09 10:2 a.m.•43 views

CVE-2006-2250

CuteNews 1.4.1 allows remote attackers to obtain sensitive information via a direct request to (1) /inc/show.inc.php or (2) /inc/functions.inc.php, which reveal the path in an error message.

6.4CVSS6.2AI score0.00483EPSS

CVE•added 2006/04/20 6:6 p.m.•39 views

CVE-2006-1925

Directory traversal vulnerability in the editnews module (inc/editnews.mdu) in index.php in CuteNews 1.4.1 allows remote attackers to read or modify files via the source parameter in the (1) editnews or (2) doeditnews action. NOTE: this can also produce resultant XSS when the target file does not e...

4.3CVSS6AI score0.0053EPSS

CVE•added 2006/03/09 9:2 p.m.•34 views

CVE-2006-1121

Cross-site scripting (XSS) vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the query string to index.php.

6.8CVSS5.7AI score0.07035EPSS

CVE•added 2006/02/25 11:2 a.m.•32 views

CVE-2006-0885

Cross-site scripting (XSS) vulnerability in show_news.php in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the show parameter.

4.3CVSS5.7AI score0.007EPSS