| VID |
21494 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
According to its version number, the CuteNews installation on the remote web server has a cross-site scripting vulnerability in the show.inc.php script. CuteNews is a freely available PHP-based news management application that stores its data in flat files rather than a database. CuteNews 1.3.6 allows a remote attacker to inject arbitrary HTML and script code into the 'comments.txt' file through the 'X-FORWARDED-FOR' or 'CLIENT-IP' HTTP request headers, whose values show.inc.php records as the commenter's address when a comment is added. Because the injected code is stored in comments.txt, it is rendered in the web browser of any user who views the affected comments, whether they reach the page on their own or follow a link supplied by the attacker. The code executes in the security context of the affected web site and may allow theft of cookie-based authentication credentials or other attacks. The system is vulnerable even if register_globals is set to 'off', since the header values are read from the server environment rather than from request parameters.
* Note: This check relies solely on the version number reported by the remote CuteNews installation to assess this vulnerability, so the result may be a false positive.
* References: http://securitytracker.com/alerts/2005/Mar/1013331.html
* Platforms Affected: CuteNews 1.3.6 on Microsoft Windows (any version), Unix (any version), Linux (any version) |
| Recommendation |
No upgrade or patch was available as of March 2005.
Upgrade to a fixed version of CuteNews when one becomes available from the CutePHP web site at http://cutephp.com/cutenews/. Until then, the injection vector can be closed by HTML-encoding the stored address field when comments are rendered and by discarding header-supplied values that do not parse as an IP address. |
| Related URL |
CVE-2005-0645 (CVE) |
| Related URL |
12691 (SecurityFocus) |
| Related URL |
19551 (ISS) |
|
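The following is an added illustrative example, not CuteNews source code, showing the bug class the Detailed Description refers to: a client-controlled proxy header is accepted as the commenter's IP address, appended to a flat file, and later echoed into HTML without encoding. The file layout, field names and function names are assumptions made for this example; the request environment is constructed inline so the script runs from the command line (PHP 7.4 or later).

```php
<?php
// Added illustrative example (not CuteNews source code). Models the bug class
// in the advisory: a client-supplied proxy header is taken as the commenter's
// IP, appended to a flat file, and echoed into HTML without encoding.
// Field layout and function names are assumptions.

// Constructed request environment standing in for a real HTTP request.
$_SERVER['REMOTE_ADDR']          = '203.0.113.10';
$_SERVER['HTTP_CLIENT_IP']       = '';
$_SERVER['HTTP_X_FORWARDED_FOR'] = '<script>alert(document.cookie)</script>';

// Vulnerable: whatever the header says is accepted as the "IP address".
function vulnerable_commenter_ip(): string
{
    foreach (['HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP'] as $header) {
        if (!empty($_SERVER[$header])) {
            return $_SERVER[$header];
        }
    }
    return $_SERVER['REMOTE_ADDR'];
}

// Hardened: a header value is used only if it parses as an IP address;
// otherwise fall back to the TCP peer address, which a header cannot forge.
// In production, trust these headers only when a known reverse proxy sets them.
function safe_commenter_ip(): string
{
    foreach (['HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP'] as $header) {
        if (empty($_SERVER[$header])) {
            continue;
        }
        // X-Forwarded-For may carry a comma-separated chain; take the first hop.
        $candidate = trim(explode(',', $_SERVER[$header])[0]);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }
    return $_SERVER['REMOTE_ADDR'];
}

// Append one pipe-separated record, in the spirit of a comments.txt line.
// Separators and line breaks are stripped so one comment stays one record.
function store_comment(string $file, string $name, string $ip, string $text): void
{
    $clean = fn(string $s): string => str_replace(["\r", "\n", '|'], '', $s);
    $line  = implode('|', [time(), $clean($name), $ip, $clean($text)]);
    file_put_contents($file, $line . PHP_EOL, FILE_APPEND | LOCK_EX);
}

// Vulnerable rendering: stored fields are interpolated straight into markup.
function render_vulnerable(string $file): string
{
    $html = '';
    foreach (file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) as $line) {
        [$ts, $name, $ip, $text] = explode('|', $line, 4);
        $html .= '<div class="comment"><b>' . $name . '</b> (' . $ip . '): ' . $text . "</div>\n";
    }
    return $html;
}

// Hardened rendering: every field is HTML-encoded on output. Output encoding
// is the primary fix; validating the IP on input is defence in depth.
function render_safe(string $file): string
{
    $e = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $html = '';
    foreach (file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) as $line) {
        [$ts, $name, $ip, $text] = explode('|', $line, 4);
        $html .= '<div class="comment"><b>' . $e($name) . '</b> (' . $e($ip) . '): ' . $e($text) . "</div>\n";
    }
    return $html;
}

// Demonstration: the same request handled by both code paths.
$vulnFile = tempnam(sys_get_temp_dir(), 'cmt');
$safeFile = tempnam(sys_get_temp_dir(), 'cmt');

store_comment($vulnFile, 'visitor', vulnerable_commenter_ip(), 'Nice article');
store_comment($safeFile, 'visitor', safe_commenter_ip(), 'Nice article');

echo "Vulnerable output (script tag reaches the page):\n", render_vulnerable($vulnFile);
echo "\nHardened output (peer address used, all fields encoded):\n", render_safe($safeFile);

unlink($vulnFile);
unlink($safeFile);
```

Run with `php example.php`. The vulnerable path stores the raw header and emits it inside the comment markup, which is exactly what makes the flaw a stored rather than reflected injection: every later visitor to the comment page receives the payload. The hardened path shows both layers a fix needs; encoding on output would suffice on its own, but rejecting header values that are not IP addresses also keeps junk out of the flat file, and the peer address is what the application should record unless it sits behind a proxy it controls.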