7.5
CVSSv2

CVE-2003-1240

Published: 31/12/2003 Updated: 05/09/2008
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 765
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote malicious users to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php.

Affected Products

Vendor Product Versions
CutephpCutenews0.88

Exploits

source: wwwsecurityfocuscom/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers Under some circumstances, it is possible for remote attackers to influence the include path for several include files to point to an external file on a remote server If the remote fil ...
source: wwwsecurityfocuscom/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers Under some circumstances, it is possible for remote attackers to influence the include path for several include files to point to an external file on a remote server If the remote file i ...
source: wwwsecurityfocuscom/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers Under some circumstances, it is possible for remote attackers to influence the include path for several include files to point to an external file on a remote server If the remote file is a ...