vendor:
Cuteflow Bin
by:
KnocKout
7.5
CVSS
HIGH
Local File Inclusion
98
CWE
Product Name: Cuteflow Bin
Affected Version From: 1.5.2000
Affected Version To: 1.5.2000
Patch Exists: NO
Related CWE: N/A
CPE: a:ringsworld:cuteflow_bin:1.5.0
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability
A vulnerability in Cuteflow Bin v1.5.0 allows an attacker to include a local file via the 'language' parameter in the 'login.php' script.
Mitigation:
Input validation should be used to prevent the inclusion of local files.