Unrated severityNVD Advisory· Published Oct 14, 2008· Updated Apr 23, 2026

CVE-2008-4557

Description

plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (aka Strawberry) allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression.

Affected products

Cutephp/Cutenews
cpe:2.3:a:cutephp:cutenews:1.1.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/28330nvdVendor Advisory
securityreason.com/securityalert/4403nvd
www.osvdb.org/40236nvd
exchange.xforce.ibmcloud.com/vulnerabilities/39450nvd
www.exploit-db.com/exploits/4851nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000