Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

CuteNews directory traversal flaw Vulnerability Scan

Vulnerability Scan Summary
Checks for CuteNews dir traversal

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web site contains a PHP application that is affected by a
directory traversal flaw.

Description :

The version of CuteNews installed on the remote host fails to sanitize
user-supplied input to the 'template' parameter of the
'show_archives.php' and 'show_news.php' scripts. A possible hacker can
exploit this issue to read arbitrary files and possibly even execute
arbitrary PHP code on the remote host, subject to the rights of
the web server user id.

See also :

Solution :

Unknown at this time.

Threat Level:

High / CVSS Base Score : 7

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.