Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1876


Vulnerability Score 4.6 4.6
CVE Id CVE-2005-1876
Last Modified 05 Sep 2008 04:50:19
Published 09 Jun 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file.

Vulnerable Systems


  • Cutephp Cutenews 1.3.6


OSVDB - 17030

SECUNIA - 15594

BUGTRAQ - 20050602 PHP Execution Vulnerability in CuteNews

Last Updated: 27 May 2016 10:40:20