exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files

cutenews-download.txt
Posted Dec 31, 2007
Authored by Pr0metheuS

CuteNews version 2.6 arbitrary file download exploit.

tags | exploit, arbitrary
SHA-256 | fd63f30fa6afac5d7724bff44aadb2674c704e32efc26e02417a549082674fa4

Related Files

CuteNews 2.1.2 Shell Upload
Posted Mar 17, 2021
Authored by Mayank Deshmukh

CuteNews version 2.1.2 Avatar upload remote shell upload exploit. Original discovery of remote shell upload in this version is attributed to Ozkan Mustafa Akkus in April of 2019.

tags | exploit, remote, shell
SHA-256 | 3bfcd7e004bf700bf7018b5be445e0eaf5aa0214d64852a09babea6c6a72b8ed
CuteNews 2.1.2 Remote Code Execution
Posted Sep 10, 2020
Authored by Musyoka Ian

CuteNews version 2.1.2 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2019-11447
SHA-256 | d220768cceb26827a8dabeb01a7df4046a753b0e28e0c60cba3f86088e976bd3
CuteNews 2.1.2 Authenticated Shell Upload
Posted May 12, 2020
Authored by Vigov5

CuteNews version 2.1.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
SHA-256 | 1bf71f9d33300d7dc2cc4132c6b15db181f3b4df8f6712432611c28b8929c56a
CuteNews 2.1.2 Arbitrary File Deletion
Posted May 11, 2020
Authored by Besim Altinok, Ismail Bozkurt

CuteNews version 2.1.2 suffers from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 37c5678fdbbbfaf9881b385d209475aaecc9505027b0b083c1f4c986bfdb3f5c
CuteNews 2.1.2 Remote Code Execution
Posted Apr 15, 2019
Authored by Ozkan Mustafa Akkus | Site metasploit.com

This Metasploit module exploits a command execution vulnerability in CuteNews prior to version 2.1.2. The attacker can infiltrate the server through the avatar upload process in the profile area. There is no realistic control of the $imgsize function in "/core/modules/dashboard.php" Header content of the file can be changed and the control can be bypassed. We can use the "GIF" header for this process. An ordinary user is enough to exploit the vulnerability. No need for admin user. The module creates a file for you and allows RCE.

tags | exploit, php
SHA-256 | 623af1c20140392eea85e311d20f5eb4a793c36624f957a81e2e931d894e980c
Cutenews 1.5 Cross Site Scripting
Posted Sep 5, 2012
Authored by Crim3R

Cutenews 1.5 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 695c9d2ee8521bda1454e7157dad6a25535ddd8146407ea8abe7dfddc9dd3f9f
Cute News 1.4.7 Cross Site Request Forgery
Posted Jun 27, 2012
Authored by Black-Hole

Cute News version 1.4.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | a6c888062576583a7d0249f9e1102e55b912f19ca049eeddea3637dc89e3540c
CuteNews Local File Inclusion
Posted Oct 4, 2010
Authored by eidelweiss

CuteNews suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | caccde755bfbe7f98d41777d2d8c96a88e23336827845acba44f4444922c5ca6
CuteNews 1.4.6 Insecure Cookie Handling
Posted Mar 16, 2010
Authored by indoushka

CuteNews version 1.4.6 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | 2b696924860993e8b7a3b9a6023db148df92340d5a146e4bd8444ace1360c613
Secunia Security Advisory 33447
Posted Jan 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - athos has discovered some vulnerabilities in CuteNews, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to compromise a vulnerable system.

tags | advisory, vulnerability, xss
SHA-256 | d25367728c28cb92a09901042467f8ea76634ad232bced26cd4eb891eb45c49c
CuteNews 1.4.6 XSS / Code Execution Exploit
Posted Jan 8, 2009
Authored by StAkeR

CuteNews versions 1.4.6 and below remote cross site scripting and remote command execution exploit.

tags | exploit, remote, xss
SHA-256 | 47dc340b58d3dbb45286e904177789782043fd553a7083666a189192b10bc118
cutenews-exec.txt
Posted Jan 7, 2008
Authored by Eugene Minaev | Site itdefence.ru

CuteNews version 1.1.1 suffers from a remote code execution vulnerability in html.php.

tags | exploit, remote, php, code execution
SHA-256 | 48d342e9302a9d3ddb0a142bd2663c5d3affb9f41f73f8e84697f98c6135750c
Secunia Security Advisory 28202
Posted Dec 24, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Janek Vind has reported some vulnerabilities in CuteNews, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, vulnerability
SHA-256 | 1b435b5e8168e91133729476ca43b8e211aa8b31708c4e3893fd7f0af532d816
cutenews-hash.txt
Posted Dec 24, 2007
Authored by Janek Vind aka waraxe | Site waraxe.us

CuteNews versions 1.45 and below administrative password hash fetch exploit.

tags | exploit
SHA-256 | b75df010e8f28644bcc2f2f01bc1f01715a3cd55d07c95260c7c2fe2d1b8afff
Secunia Security Advisory 23425
Posted Dec 19, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - DeltahackingTEAM have discovered a vulnerability in CuteNews AJ-Fork, which can be exploited by malicious people to compromise vulnerable systems.

tags | advisory
SHA-256 | 63385bbacf92d673e7c41aab5985f936aef256d5f97bbf575e78f9c00b5b3449
kapda-450.txt
Posted Nov 27, 2006
Authored by trueend5 | Site kapda.ir

KAPDA Advisory - CuteNews version 1.4.5 suffers from multiple cross site scripting, local file inclusion, and other vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | 4c60f4a2e8964c418a42187809d6a4b9bd58f8e9ddce32d159c9cd5222384229
Secunia Security Advisory 23045
Posted Nov 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - trueend5 has discovered some vulnerabilities in CuteNews, which can be exploited by malicious users to conduct script insertion attacks and malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 29a5e4030d3b84f15d6990ca1b74e34e413e175ed65849b6d11f28fbd4b11149
cutenews13.txt
Posted Aug 28, 2006
Authored by rUnViRuS | Site worlddefacers.de

Cutenews version 1.3.x suffers from a remote file inclusion flaw.

tags | exploit, remote, file inclusion
SHA-256 | 1425de171552fe0ccd641fa80972dd6143192c3bee9061454bed919f10ca9f54
Secunia Security Advisory 20026
Posted May 9, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - k4p0 has discovered some vulnerabilities in CuteNews, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | ec527f5ec3ca24e162b3cdf710308740cc315529322176982ef9b286a0153044
neo-Advisory-20.txt
Posted May 6, 2006
Authored by K4P0 | Site NeoSecurityTeam.net

CuteNews version 1.4.1 suffers from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 2d3284ee43c5c18d1076a379f080ef8ec6f19ddd8dca6c281a69e3e7a8165290
CuteNews-1.4.1.txt
Posted Apr 28, 2006
Site LoK-Crew.de.am

CuteNews 1.4.1 suffers from XSS.

tags | advisory
SHA-256 | 5907095f8019149d125aa50509e94635b6c059595842c80febd4cd0ce81f8ad4
cutenews1.4.1.txt
Posted Mar 23, 2006
Authored by Hamid Network Security Team | Site hamid.ir

cutenews 1.4.1 allows any user to access arbitrary files due to lack of sanitization of the "archive" parameter.

tags | advisory, arbitrary
SHA-256 | 580b43b3832494e683fa4077eddfe17d7a2d38bf9778028fe8bed5571bda0330
Secunia Security Advisory 19289
Posted Mar 20, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Hamid Ebadi has discovered a vulnerability in CuteNews, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 587e01cba039f6d31fee50f24a1bdbbc9b268f24e6d10ad62cc036da42cf2d61
advisory-277.txt
Posted Mar 8, 2006
Authored by Roozbeh Afrasiabi, imei addmimistrator | Site kapda.ir

CuteNews version 1.4.1 is susceptible to cross site scripting attacks.

tags | advisory, xss
SHA-256 | 31d53fdcb05a3ca200a0930c433a38e1acae92216a8e8a3e237f7c63babee278
Secunia Security Advisory 18981
Posted Feb 22, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - imei addmimistrator has discovered a vulnerability in CuteNews, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 7f0bfa96800b64173f1c4db2bd250a67f8a7a11082385ba1e5da38317242a278
Page 1 of 2
Back12Next

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    13 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    31 Files
  • 8
    Mar 8th
    16 Files
  • 9
    Mar 9th
    13 Files
  • 10
    Mar 10th
    9 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    10 Files
  • 14
    Mar 14th
    6 Files
  • 15
    Mar 15th
    17 Files
  • 16
    Mar 16th
    22 Files
  • 17
    Mar 17th
    13 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    16 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close