Vulnerability Database

313,663

Total vulnerabilities in the database

CVE-2005-3592

index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain the path of the installation path of the application by triggering an error message, such as by entering multiple ../ (dot dot slash) in the archive parameter.

Published: Nov 16, 2005
Updated: Nov 9, 2025
CVE: CVE-2005-3592
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cutephp / cutenews	-	1.4.0.x

http://marc.info/?l=bugtraq&m=113140342029880&w=2
http://www.securityinfo.ru/2005/11/____cutenews_140.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo