Multiple PHP remote file inclusion vulnerabilities in CuteNews 1.3.x allow remote malicious users to execute arbitrary PHP code via a URL in the cutepath parameter to (1) show_news.php or (2) search.php. NOTE: CVE analysis as of 20060829 has not identified any scenarios in which these vectors could result in remote file inclusion
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cutephp cutenews 1.3.6 |
||
cutephp cutenews 1.3.2 |
||
cutephp cutenews 1.3 |
||
cutephp cutenews 1.3.1 |