CVE-2006-1340

Опубликовано: 21 мар. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

CuteNews 1.4.1 and possibly other versions allows remote attackers to obtain the installation path via unspecified vectors involving an invalid file path.

Ссылки

http://hamid.ir/security/cutenews.txt
Exploit
http://secunia.com/advisories/19289
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/428434/100/0/threaded
http://www.securityfocus.com/bid/17152
Exploit
http://hamid.ir/security/cutenews.txt
Exploit
http://secunia.com/advisories/19289
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/428434/100/0/threaded
http://www.securityfocus.com/bid/17152
Exploit

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cutephp:cutenews:*:*:*:*:*:*:*:*

Версия до 1.4.1 (включая)

cpe:2.3:a:cutephp:cutenews:0.88:*:*:*:*:*:*:*

cpe:2.3:a:cutephp:cutenews:1.3:*:*:*:*:*:*:*

cpe:2.3:a:cutephp:cutenews:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:cutephp:cutenews:1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:cutephp:cutenews:1.3.6:*:*:*:*:*:*:*

cpe:2.3:a:cutephp:cutenews:1.4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00477

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-xxrc-69rc-659v

github

около 3 лет назад