Test Kennung:	1.3.6.1.4.1.25623.1.0.55363
Kategorie:	CGI abuses
Titel:	CuteNews Remote File Include Vulnerability
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote version of CuteNews, according to its version number, is vulnerable to a code injection attack as a result of improperly sanitized user input. An attacker may be able to cause an arbitrary include file to be retrieved from a remote server which can contain code the attacker has created. Versions up to and including 0.88 are known to be vulnerable. Solution : Upgrade to a later version. Risk factor : High CVSS Score: 7.5
Querverweis:	BugTraq ID: 6935 Common Vulnerability Exposure (CVE) ID: CVE-2003-1240 http://www.securityfocus.com/bid/6935 Bugtraq: 20030225 PHP code injection in CuteNews (Google Search) http://archives.neohapsis.com/archives/bugtraq/2003-02/0320.html http://www.iss.net/security_center/static/11417.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.