CVE-2007-6662 (CuteNews) |
|
| BugsAlert Home > CVE-2007-6662 (CuteNews) | |
|
Directory traversal vulnerability in file.php in CuteNews 2.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, as demonstrated by reading the admin username and password hash in data/users.db.php. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6662 Learn more about CVE-2007-6662 (CuteNews) |
|
| Tags: cve-2007-6662 cutenews | |
Related Items |
|
|
Bugtraq: [SECURITY] [DSA 1592-2] New Linux 2.6.18 packages fix overflow conditions
|
|
|
Advisory Adobe LiveCycle Workflow XSS Vulnerability
|
|
|
CVE-2008-3791 (lightweight_x11_desktop_environment)
|
|
|
CVE-2008-0320 (OpenOffice.org)
|
|
|
CVE-2008-5323 (wysi_wiki_wyg)
|
|
|
avast! Home/Professional Unspecified TAR File Processing Vulnerability
|
|
|
TYPO3 sr_feuser_register Extension Multiple Vulnerabilities
|
|
