Multiple PHP remote file inclusion vulnerabilities in CutePHP CuteNews 1.3.6 allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: issue might overlap CVE-2004-1660 or CVE-2006-4445.
Max CVSS
7.5
EPSS Score
0.59%
Published
2007-03-02
Updated
2008-11-15
Multiple PHP remote file inclusion vulnerabilities in CuteNews 1.3.x allow remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter to (1) show_news.php or (2) search.php. NOTE: CVE analysis as of 20060829 has not identified any scenarios in which these vectors could result in remote file inclusion
Max CVSS
7.5
EPSS Score
2.37%
Published
2006-08-29
Updated
2024-04-11
PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier allows remote attackers to execute arbitrary PHP code via the cutepath parameter to (1) show_archives.php or (2) show_news.php.
Max CVSS
7.5
EPSS Score
1.57%
Published
2004-08-30
Updated
2017-07-11
PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php.
Max CVSS
7.5
EPSS Score
1.85%
Published
2003-12-31
Updated
2008-09-05
4 vulnerabilities found