VID: 21762
Severity: 40
Port: 80, ...
Protocol: TCP
Class: CGI

Detailed Description:
CutePHP CuteNews is a freely available PHP-based news management application that stores its database in flat files. CuteNews version 1.4.1 and possibly earlier versions are vulnerable to directory traversal in the show_archives.php and show_news.php scripts. By sending a specially crafted URL containing "dot dot" sequences (/../), a remote unauthenticated attacker could view arbitrary files outside of the web root directory with the privileges of the Web service. The attacker could also upload arbitrary scripts, which could subsequently be executed, leading to a remote compromise with the privileges of the Web service.

* References:
  - http://www.securityfocus.com/archive/1/415632/30/0/threaded
  - http://rgod.altervista.org/cute141.html
* Platforms Affected:
  - CutePHP CuteNews version 1.4.1 and possibly earlier versions
  - Any operating system, any version

Recommendation:
Upgrade to the latest version of CuteNews (1.4.2 or later), available from the CutePHP Web site at http://cutephp.com/cutenews/

Related URL: CVE-2005-3507 (CVE)
Related URL: 15295 (SecurityFocus)
Related URL: (ISS)