Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.56749
Kategorie:CGI abuses : XSS
Titel:CuteNews Multiple Cross-Site Scripting Vulnerabilities(2)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote version of CuteNews, according to its version
number, is vulnerable to multiple cross site scripting
attacks involving the insufficient sanitization of user supplied
input.

Version 1.4.1, and possibly earlier versions, are vulnerable.

Solution : Upgrade to a later version.

Risk factor : High

CVSS Score:
6.8

Querverweis: BugTraq ID: 16740
BugTraq ID: 16961
BugTraq ID: 17592
BugTraq ID: 17700
BugTraq ID: 17850
Common Vulnerability Exposure (CVE) ID: CVE-2006-0885
http://www.securityfocus.com/bid/16740
Bugtraq: 20060221 [myimei]CuteNews1.4.1~ Add Comment For Protected UserNames~ XSS Attack (Google Search)
http://www.securityfocus.com/archive/1/425583
http://myimei.com/security/2006-02-20/cutenews141addcommentforprotectedusernamesxss-attack.html
http://www.osvdb.org/23400
http://secunia.com/advisories/18981
http://www.vupen.com/english/advisories/2006/0685
XForce ISS Database: cutenews-shownews-xss(24835)
https://exchange.xforce.ibmcloud.com/vulnerabilities/24835
Common Vulnerability Exposure (CVE) ID: CVE-2006-1121
http://www.securityfocus.com/bid/16961
Bugtraq: 20060304 [KAPDA::#30] - CuteNews1.4.1 Cross_Site_Scripting Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/426759/100/0/threaded
http://kapda.ir/advisory-277.html
http://securitytracker.com/id?1015726
http://securityreason.com/securityalert/531
XForce ISS Database: cutenews-index-script-xss(25052)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25052
Common Vulnerability Exposure (CVE) ID: CVE-2006-1925
http://www.securityfocus.com/bid/17592
Bugtraq: 20060418 CuteNews 1.4.1 <= Cross Site Scripting (Google Search)
http://www.securityfocus.com/archive/1/431340/30/0/threaded
Bugtraq: 20060420 Re: CuteNews 1.4.1 <= Cross Site Scripting (Google Search)
http://www.securityfocus.com/archive/1/431528/100/0/threaded
http://securityreason.com/securityalert/775
XForce ISS Database: cutenews-index-source-xss(25935)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25935
Common Vulnerability Exposure (CVE) ID: CVE-2006-2249
http://www.securityfocus.com/bid/17850
Bugtraq: 20060505 CuteNews 1.4.1 Multiple vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/433058/100/0/threaded
http://neosecurityteam.net/index.php?action=advisories&id=21
http://www.osvdb.org/25304
http://secunia.com/advisories/20026
http://securityreason.com/securityalert/860
http://www.vupen.com/english/advisories/2006/1683
XForce ISS Database: cutenews-search-parameters-xss(26270)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26270
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.