CVE-2009-4116

Name of the Vulnerable Software and Affected Versions CutePHP CuteNews version 1.4.6

Description The issue allows remote authenticated users with editor or administrative application access to read arbitrary files via directory traversal vulnerabilities. This can be achieved by using a .. (dot dot) in the source parameter in a list or editnews action to the Editnews module, and the save con[skin] parameter in the Options module. Additionally, the vulnerability in the Options module can be leveraged for code execution by using a .. to include and execute arbitrary local files.

Recommendations For CutePHP CuteNews version 1.4.6, consider disabling the magic quotes gpc setting to mitigate the risk of exploitation. As a temporary workaround, restrict access to the Editnews and Options modules to minimize the risk of exploitation. Avoid using the source parameter in the Editnews module and the save con[skin] parameter in the Options module until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.