Vulnerabilities > CVE-2005-3592 - Unspecified vulnerability in Cutephp Cutenews 1.3.6

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

cutephp

NVD

Published: 2005-11-16

Updated: 2024-11-21

Summary

index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain the path of the installation path of the application by triggering an error message, such as by entering multiple ../ (dot dot slash) in the archive parameter.

Vulnerable Configurations

Part	Description	Count
Application	Cutephp Cutephp Cutenews - Cutephp Cutenews 1.3.6	2

References

http://marc.info/?l=bugtraq&m=113140342029880&w=2
http://marc.info/?l=bugtraq&m=113140342029880&w=2
http://www.securityinfo.ru/2005/11/____cutenews_140.html
http://www.securityinfo.ru/2005/11/____cutenews_140.html