CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
93.2%
PHP remote file inclusion vulnerability in inc/shows.inc.php in cutenews aj-fork (CN:AJ) 167f and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter.
Vendor | Product | Version | CPE |
---|---|---|---|
cutenews_aj-fork | cutenews_aj-fork | beta | cpe:2.3:a:cutenews_aj-fork:cutenews_aj-fork:beta:*:*:*:*:*:*:* |