CuteNews is a powerful news management system that uses flat-file storage.
CuteNews contains a vulnerability in the processing of a user-submitted request parameter that a remote attacker could exploit to execute arbitrary commands on the host.
When the admin account edits a template, CuteNews does not filter the submitted input correctly: it takes the HTML code from the web form and writes it into the template file named <templatename>.tpl. The resulting template file contains PHP code similar to the following:
--snip--
<?php
$template_active = <<<HTML
[HTML Template Code]
HTML;
$template_full = <<<HTML
[HTML Template Code]
HTML;
?>
--snap--
Submitting the following as the template content closes the first heredoc early, so everything that follows it is parsed as PHP rather than as template text:
--snip--
HTML;
[PHP Code]
$fake_template = <<<HTML
--snap--
The admin account can thereby execute arbitrary PHP code, which in turn allows shell commands to be run on the local system.
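The following Python is an added illustration and is not CuteNews code. It reproduces the template writer's structure described above (a constructed `build_tpl_vulnerable`), shows how a defender can check submitted content for a line that would terminate the heredoc, audits an already-written `.tpl` file for PHP statements outside the expected skeleton, and contrasts this with a writer that stores the HTML as an escaped PHP string literal so the content cannot break out of the file's syntax. The identifier `HTML`, the function names and the sample bodies are assumptions made for the example; the "echo" line stands in for the advisory's `[PHP Code]` placeholder.

```python
"""Constructed example: heredoc break-out in a template writer, an audit for
it, and a writer that treats submitted HTML as data rather than PHP syntax."""
import re

HEREDOC_ID = "HTML"  # closing identifier used by the advisory's template file

# Conservative match for a line PHP could take as the heredoc terminator:
# optional indentation, the identifier, then end of line or a non-word char
# (PHP 7.3+ also accepts indented terminators and a trailing ';' or ',').
_TERMINATOR = re.compile(rf"^[ \t]*{re.escape(HEREDOC_ID)}(?!\w)", re.MULTILINE)


def build_tpl_vulnerable(active: str, full: str) -> str:
    """Mirror the advisory: form input is pasted verbatim into two heredocs."""
    return (
        "<?php\n"
        f"$template_active = <<<{HEREDOC_ID}\n{active}\n{HEREDOC_ID};\n"
        f"$template_full = <<<{HEREDOC_ID}\n{full}\n{HEREDOC_ID};\n"
        "?>\n"
    )


def terminates_heredoc(content: str) -> bool:
    """True if any line of the submitted content would close the heredoc early."""
    return _TERMINATOR.search(content) is not None


def stray_php_lines(tpl_text: str) -> list:
    """Audit a generated .tpl file: return the lines PHP would execute as code
    that are not part of the expected skeleton (<?php, the two assignments,
    their heredoc bodies, ?>). A clean file yields an empty list."""
    expected_open = re.compile(rf"^\$template_(active|full) = <<<{HEREDOC_ID}$")
    any_open = re.compile(rf"<<<{HEREDOC_ID}\s*$")
    stray, in_heredoc = [], False
    for line in tpl_text.splitlines():
        if in_heredoc:
            if _TERMINATOR.match(line):
                in_heredoc = False  # PHP stops treating text as heredoc here
            continue
        s = line.strip()
        if s in ("<?php", "?>", ""):
            continue
        if any_open.search(s):
            in_heredoc = True  # PHP opens a heredoc whatever the variable is named
            if not expected_open.match(s):
                stray.append(line)
            continue
        stray.append(line)
    return stray


def php_single_quoted(s: str) -> str:
    """PHP single-quoted literal: only \\ and \' are escapes, so escaped
    content can never close the string or introduce code."""
    return "'" + s.replace("\\", "\\\\").replace("'", "\\'") + "'"


def build_tpl_hardened(active: str, full: str) -> str:
    """Store the submitted HTML as string data instead of splicing it into
    PHP syntax; a heredoc terminator in the content is just characters."""
    return (
        "<?php\n"
        f"$template_active = {php_single_quoted(active)};\n"
        f"$template_full = {php_single_quoted(full)};\n"
    )


# Constructed inputs: a normal template body and one shaped like the advisory's
# payload, with a harmless echo standing in for the "[PHP Code]" placeholder.
BENIGN_BODY = '<div class="news">{title}<br />{short-story}</div>'
BREAKOUT_BODY = "HTML;\necho 'not template HTML';\n$fake_template = <<<HTML"

if __name__ == "__main__":
    print(stray_php_lines(build_tpl_vulnerable(BENIGN_BODY, BENIGN_BODY)))
    print(stray_php_lines(build_tpl_vulnerable(BREAKOUT_BODY, BENIGN_BODY)))
    print(terminates_heredoc(BREAKOUT_BODY), terminates_heredoc(BENIGN_BODY))
    print(build_tpl_hardened(BREAKOUT_BODY, BENIGN_BODY))
```

The audit is deliberately conservative: it flags any line that begins with the heredoc identifier, because PHP 7.3 and later accept indented terminators followed by other tokens. Rejecting such content at submission time (`terminates_heredoc`) is a stop-gap; the durable fix is to stop generating PHP source from form input at all, as `build_tpl_hardened` does.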
Source: John Cantu (