Path Disclosure Vulnerability in CuteNews by CuteNews Team
CVE-2006-2250

Currently unrated

Key Information:

Vendor: CutePHP
Status: Cutenews
Vendor: CVE Published:; 9 May 2006

What is CVE-2006-2250?

CuteNews version 1.4.1 is susceptible to a path disclosure vulnerability that allows remote attackers to gain access to sensitive system information. By crafting specific direct requests to certain files, an attacker can trigger error messages that expose internal paths used by the application. This can lead to further exploitation if an attacker leverages this information to locate and exploit other vulnerabilities within the system.

References

http://www.osvdb.org/25306

vdb-entryx_refsource_OSVDB

http://securityreason.com/securityalert/860

third-party-advisoryx_refsource_SREASON

https://exchange.xforce.ibmcloud.com/vulnerabilities/26271

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 9, 2006
Vulnerability Reserved
May 8, 2006

CutePHP

What is CVE-2006-2250?

References

Timeline