Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
korn19 utf-8 cutenews vulnerabilities and exploits
(subscribe to this query)
440
VMScore
CVE-2009-4250
Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews prior to 8b allow remote malicious users to inject arbitrary web script or HTML via (1) the result parameter to register.php; (2) the user parameter to search.php; the (3) cat_msg, (4...
Korn19 Utf-8 Cutenews 4
Korn19 Utf-8 Cutenews 3
Korn19 Utf-8 Cutenews 7
Korn19 Utf-8 Cutenews 6
Korn19 Utf-8 Cutenews 5
Korn19 Utf-8 Cutenews 2
Cutephp Cutenews 1.4.6
Korn19 Utf-8 Cutenews
2 EDB exploits
270
VMScore
CVE-2009-4172
Cross-site scripting (XSS) vulnerability in index.php in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews 8 and 8b, when magic_quotes_gpc is disabled, allows remote malicious users to inject arbitrary web script or HTML via the body of a news article in an addnews action.
Korn19 Utf-8 Cutenews 8
Korn19 Utf-8 Cutenews 8b
Cutephp Cutenews 1.4.6
2 EDB exploits
578
VMScore
CVE-2009-4113
Static code injection vulnerability in the Categories module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews prior to 8b allows remote authenticated users with application administrative privileges to inject arbitrary PHP code into data/category.db.php via the Category Access field.
Cutephp Cutenews 1.4.6
Korn19 Utf-8 Cutenews 8
690
VMScore
CVE-2009-4173
Cross-site request forgery (CSRF) vulnerability in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews prior to 8b allows remote malicious users to hijack the authentication of administrators for requests that create new users, including a new administrator, via an adduser action in the ed...
Cutephp Cutenews 1.4.6
Korn19 Utf-8 Cutenews 8
2 EDB exploits
605
VMScore
CVE-2009-4174
The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews prior to 8b, when magic_quotes_gpc is disabled, allows remote authenticated users with Journalist or Editor access to bypass administrative moderation and edit previously submitted articles via a modified id paramet...
Korn19 Utf-8 Cutenews 8
Cutephp Cutenews 1.4.6
1 EDB exploit
510
VMScore
CVE-2009-4175
CutePHP CuteNews 1.4.6 and UTF-8 CuteNews prior to 8b allows remote malicious users to obtain sensitive information via an invalid date value in the from_date_day parameter to search.php, which reveals the installation path in an error message.
Cutephp Cutenews 1.4.6
Korn19 Utf-8 Cutenews 8
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started