Vulnerabilities > CVE-2005-2394 - Remote Security vulnerability in Cutephp Cutenews 1.3.6

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
cutephp
NVD
Published: 2005-07-27
Updated: 2008-09-05

Summary

show_news.php in CuteNews 1.3.6 allows remote attackers to obtain the full path of the server via an invalid archive parameter.

Vulnerable Configurations

Part Description Count
Application
Cutephp
1

References