Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4557

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-4557
Last Modified 29 Jan 2009 01:56:46
Published 14 Oct 2008 06:36:58
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4557

Summary

plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (aka Strawberry) allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression.

Vulnerable Systems

Application

  • Cutephp Cutenews 1.1.1


References

XF - cutenews-html-code-execution(39450)

OSVDB - 40236

MILW0RM - 4851

SREASON - 4403

SECUNIA - 28330


Last Updated: 27 May 2016 10:48:32