Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
CuteNews Directory Traversal Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
CuteNews
by:
Unknown
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: CuteNews
Affected Version From: 1.4.2001
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Not provided
CPE: a:cute_news:cute_news:1.4.1
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

CuteNews Directory Traversal Vulnerability

CuteNews is affected by a directory traversal vulnerability. An unauthorized attacker can retrieve or upload arbitrary files by supplying directory traversal strings '../' through an affected URI parameter. Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. Information obtained through this attack may aid in further attacks against the underlying system. An attacker may also upload arbitrary scripts, which may be subsequently executed leading to a remote compromise in the context of the server.

Mitigation:

Upgrade to a non-vulnerable version of CuteNews. Restrict access to the affected URI parameter. Input validation and sanitization of user-supplied input should be implemented to prevent directory traversal attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15295/info

CuteNews is affected by a directory traversal vulnerability.

An unauthorized attacker can retrieve or upload arbitrary files by supplying directory traversal strings '../' through an affected URI parameter.

Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. Information obtained through this attack may aid in further attacks against the underlying system.

An attacker may also upload arbitrary scripts, which may be subsequently executed leading to a remote compromise in the context of the server.

CuteNews 1.4.1 is reported to be vulnerable to this issue. Other versions may be affected as well.

http://www.example.com/cute141/show_archives.php?template=../../../../../../../../boot.ini%00
http://www.example.com/cute141/show_archives.php?template=../../../../../../../../[script]

Navigation

Suggest Exploit

Services By CQR