Cutenews Search.php Cross-Site Scripting Vulnerability Network Vulnerability

Summary

The remote web server contains a PHP script that is affected by a cross-site scripting issue. Description: The version of Cutenews installed on the remote host fails to sanitize input to the 'search.php' script before using it to generate dynamic HTML to be returned to the user. An unauthenticated attacker can exploit this issue to execute a cross-site scripting attack. This version of Cutenews is also likely affected by other associated issues.

Solution

Unknown at this time.

Severity

Classification

CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Afian 'includer.php' Directory Traversal Vulnerability
Advanced Image Hosting Cross Site Scripting Vulnerability
Apache Tomcat TroubleShooter Servlet Installed
Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability

Cutenews search.php Cross-Site Scripting Vulnerability

Take action and discover your vulnerabilities