Cross-Site Scripting Vulnerability in CuteNews by CuteNews
CVE-2005-3009

Currently unrated

Key Information:

Vendor: CutePHP
Status: Cutenews
Vendor: CVE Published:; 21 September 2005

What is CVE-2005-3009?

The vulnerability in CuteNews permits remote attackers to exploit the application by injecting arbitrary web scripts or HTML code through the 'mod' parameter in index.php. This allows attackers to conduct malicious actions, potentially leading to the theft of sensitive information or session hijacking. This risk emphasizes the need for developers to implement adequate input validation and sanitization measures to protect web applications from such XSS attacks.

References

http://securitytracker.com/id?1014929

vdb-entryx_refsource_SECTRACK

http://www.aria-security.net/advisory/portals/cutenews.txt

x_refsource_MISC

http://www.securityfocus.com/archive/1/432110/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 21, 2005
Vulnerability Reserved
Sep 21, 2005

CutePHP

What is CVE-2005-3009?

References

Timeline