CVE-2009-4665

CuteSoft Components Cute Editor - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Securitylab.ir · textwebappsasp

https://www.exploit-db.com/exploits/8785

View Code ZIP pw:eip

References (3)

[Exploit, Patch] http://www.securityfocus.com/bid/35085

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/50727

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/8785

Scores

EPSS 0.0312

EPSS Percentile 86.6%

Classification

CWE

CWE-22

Status draft

Affected Products (2)

cutesoft_components/cute_editor_for_asp.net

nuget/CuteEditor < 6.6NuGet

Timeline

Published Mar 05, 2010

Tracked Since Feb 18, 2026