Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b, when magic_quotes_gpc is disabled, allows remote authenticated users with Journalist or Editor access to bypass administrative moderation and edit previously submitted articles via a modified id parameter in a doeditnews action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CutePHP CuteNews editnews模块安全绕过漏洞
Vulnerability Description
Cute News 是PHP文本 文章/新闻系统。当magic_quotes_gpc失效时,CutePHP CuteNews 1.4.6版本和8b之前的UTF-8 CuteNews中的editnews模数使作为记者或编辑的远程验证用户可以通过修改doeditnews操作的id参数绕过管理和先前提交的条款编辑。
CVSS Information
N/A
Vulnerability Type
N/A