| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-2393 | 4.3 |
Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remote attackers to inject arbitrary web script or HTML via (1) the lastusername parameter to index.php or (2) selected_search_arch parameter to search.php.
|
05-09-2008 - 20:51 | 27-07-2005 - 04:00 | |
| CVE-2005-2394 | 5.0 |
show_news.php in CuteNews 1.3.6 allows remote attackers to obtain the full path of the server via an invalid archive parameter.
|
05-09-2008 - 20:51 | 27-07-2005 - 04:00 |