CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-1876

Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.9%

CVSS Severity

CVSS v3 Score 4.5

CVSS v2 Score 4.4

References

http://marc.info/?l=bugtraq&m=111773528322711&w=2
http://secunia.com/advisories/15594
http://www.osvdb.org/17030
http://marc.info/?l=bugtraq&m=111773528322711&w=2
http://secunia.com/advisories/15594
http://www.osvdb.org/17030

Products affected by CVE-2005-1876

Cutephp » Cutenews » Version: N/A

cpe:2.3:a:cutephp:cutenews:-
Cutephp » Cutenews » Version: 1.3.6

cpe:2.3:a:cutephp:cutenews:1.3.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1876

Products

Pricing

Contact Us