CVE-2005-1876

Publication date

2005-06-07 04:00:00

Family

mitre

State

PUBLISHED

Description

Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file.