Test Kennung:	1.3.6.1.4.1.25623.1.0.56749
Kategorie:	CGI abuses : XSS
Titel:	CuteNews Multiple Cross-Site Scripting Vulnerabilities(2)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote version of CuteNews, according to its version number, is vulnerable to multiple cross site scripting attacks involving the insufficient sanitization of user supplied input. Version 1.4.1, and possibly earlier versions, are vulnerable. Solution : Upgrade to a later version. Risk factor : High CVSS Score: 6.8
Querverweis:	BugTraq ID: 16740 BugTraq ID: 16961 BugTraq ID: 17592 BugTraq ID: 17700 BugTraq ID: 17850 Common Vulnerability Exposure (CVE) ID: CVE-2006-0885 http://www.securityfocus.com/bid/16740 Bugtraq: 20060221 [myimei]CuteNews1.4.1~ Add Comment For Protected UserNames~ XSS Attack (Google Search) http://www.securityfocus.com/archive/1/425583 http://myimei.com/security/2006-02-20/cutenews141addcommentforprotectedusernamesxss-attack.html http://www.osvdb.org/23400 http://secunia.com/advisories/18981 http://www.vupen.com/english/advisories/2006/0685 XForce ISS Database: cutenews-shownews-xss(24835) https://exchange.xforce.ibmcloud.com/vulnerabilities/24835 Common Vulnerability Exposure (CVE) ID: CVE-2006-1121 http://www.securityfocus.com/bid/16961 Bugtraq: 20060304 [KAPDA::#30] - CuteNews1.4.1 Cross_Site_Scripting Vulnerability (Google Search) http://www.securityfocus.com/archive/1/426759/100/0/threaded http://kapda.ir/advisory-277.html http://securitytracker.com/id?1015726 http://securityreason.com/securityalert/531 XForce ISS Database: cutenews-index-script-xss(25052) https://exchange.xforce.ibmcloud.com/vulnerabilities/25052 Common Vulnerability Exposure (CVE) ID: CVE-2006-1925 http://www.securityfocus.com/bid/17592 Bugtraq: 20060418 CuteNews 1.4.1 <= Cross Site Scripting (Google Search) http://www.securityfocus.com/archive/1/431340/30/0/threaded Bugtraq: 20060420 Re: CuteNews 1.4.1 <= Cross Site Scripting (Google Search) http://www.securityfocus.com/archive/1/431528/100/0/threaded http://securityreason.com/securityalert/775 XForce ISS Database: cutenews-index-source-xss(25935) https://exchange.xforce.ibmcloud.com/vulnerabilities/25935 Common Vulnerability Exposure (CVE) ID: CVE-2006-2249 http://www.securityfocus.com/bid/17850 Bugtraq: 20060505 CuteNews 1.4.1 Multiple vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/433058/100/0/threaded http://neosecurityteam.net/index.php?action=advisories&id=21 http://www.osvdb.org/25304 http://secunia.com/advisories/20026 http://securityreason.com/securityalert/860 http://www.vupen.com/english/advisories/2006/1683 XForce ISS Database: cutenews-search-parameters-xss(26270) https://exchange.xforce.ibmcloud.com/vulnerabilities/26270
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.