exploits , vulnerabilities , articles , CutePHP CuteNews Index.PHP Cross-Site Scripting Vulnerability

Title	CutePHP CuteNews Index.PHP Cross-Site Scripting Vulnerability
Published	2006-03-04-12:00AM
Updated	2006-03-04-12:00AM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	Discovered by Roozbeh Afrasiabi, imei addmimistrator <roozbeh_afrasiabi@yahoo.com>.
Vulnerable	CutePHP CuteNews 1.4.1
Not Vulnerable
Code	An exploit is not required. The following proof of concept URI was provided: http://www.example.com/index.php?subaction=showcomments&id=[number]&archive=&start_from=&ucat=&">[code]
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-01-09 MODx Prior to 0.9.6.3 Multiple Cross Site Scripting Vulnerabilities
• 2009-01-09 Check Point SecurePlatform Unspecified Remote Security Vulnerability
• 2009-01-09 Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
• 2009-01-09 NetGear WG102 SNMP Write Community String Information Disclosure Vulnerability
• 2009-01-09 Serv-U Remote Denial of Service Vulnerabilities
• 2009-01-09 QuoteBook Information Disclosure, SQL Injection and HTML Injection Vulnerabilities
• 2009-01-08 Oracle January 2009 Oracle Critical Patch Update Pre-Release Announcement Multiple Vulnerabilities
• 2009-01-08 Microsoft January 2009 Advance Notification Multiple Vulnerabilities
• 2009-01-08 IBM WebSphere DataPower XML Security Gateway XS40 Remote Denial Of Service Vulnerability
• 2009-01-08 Drupal Project Release Module Multiple Remote Vulnerabilities

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Sat, 10 Jan 2009 04:15:49 +0000