Cutephp CuteNews 1.3/1.3.1/1.3.2/1.3.6 show_news.php cutepath file inclusion

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, was found in Cutephp CuteNews 1.3/1.3.1/1.3.2/1.3.6 (Content Management System). This affects an unknown part of the file show_news.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
223080708/14/2018VulD...cve_assigned1156809600mitre.org08/14/2018accepted100
223080308/14/2018VulD...urlhttp://www.securityfocus.com/archive/1/archive/1/444385/100/0/threadedsecurityfocus.com08/14/2018accepted100
223082903/12/2015VulD...cvss3_vuldb_aL03/12/2015accepted60
223082803/12/2015VulD...cvss3_vuldb_iL03/12/2015accepted60
223082703/12/2015VulD...cvss3_vuldb_cL03/12/2015accepted60
223082603/12/2015VulD...cvss3_vuldb_sU03/12/2015accepted60
223082503/12/2015VulD...cvss3_vuldb_prN03/12/2015accepted60
223082403/12/2015VulD...cvss3_vuldb_acL03/12/2015accepted60
223082303/12/2015VulD...cvss3_vuldb_avN03/12/2015accepted60
223082203/12/2015VulD...cvss3_vuldb_rcX03/12/2015accepted90
223082103/12/2015VulD...cvss3_vuldb_rlX03/12/2015accepted90
223082003/12/2015VulD...cvss3_vuldb_eX03/12/2015accepted90
223081903/12/2015VulD...cvss2_vuldb_rcND03/12/2015accepted90
223081803/12/2015VulD...cvss2_vuldb_rlND03/12/2015accepted90
223081703/12/2015VulD...cvss2_vuldb_eND03/12/2015accepted90
223081603/12/2015VulD...locationWebsite03/12/2015accepted90
223081503/12/2015VulD...cvss3_vuldb_uiN03/12/2015accepted90
223081403/12/2015VulD...cwe73 (privilege escalation)03/12/2015accepted90
223081303/12/2015VulD...xforce28582ibmcloud.com03/12/2015accepted100
223081203/12/2015VulD...osvdb_titleCuteNews Multiple Script cutepath Parameter Remote File Inclusion03/12/2015accepted100

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!