Back to search
CVE-2005-3592
Published: Nov 16, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain the path of the installation path of the application by triggering an error message, such as by entering multiple ../ (dot dot slash) in the archive parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20051107 Path disclosure in CuteNews <= 1.4.0
mailing-list
x_refsource_BUGTRAQ
http://www.securityinfo.ru/2005/11/____cutenews_140.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now