Lucene search

[email protected]CVE-2004-0265

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0265

2004-11-2305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0265

cross-site scripting

xss vulnerability

php-nuke

modules.php

remote code execution

security vulnerability

6.9 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.7%

JSON

Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote attackers to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules.

CPENameOperatorVersion
francisco_burzi:php-nukefrancisco burzi php-nukeeq6.5_beta1
francisco_burzi:php-nukefrancisco burzi php-nukeeq6.5
francisco_burzi:php-nukefrancisco burzi php-nukeeq7.0
francisco_burzi:php-nukefrancisco burzi php-nukeeq7.0_final
francisco_burzi:php-nukefrancisco burzi php-nukeeq6.5_rc2
francisco_burzi:php-nukefrancisco burzi php-nukeeq6.5_rc3
francisco_burzi:php-nukefrancisco burzi php-nukeeq6.0
francisco_burzi:php-nukefrancisco burzi php-nukeeq6.5_final
francisco_burzi:php-nukefrancisco burzi php-nukeeq6.7
francisco_burzi:php-nukefrancisco burzi php-nukeeq6.6

CPE	Name	Operator	Version
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	6.5_beta1
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	6.5
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	7.0
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	7.0_final
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	6.5_rc2
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	6.5_rc3
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	6.0
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	6.5_final
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	6.7
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	6.6

Rows per page:

1-10 of 131

References

marc.info/?l=bugtraq&m=107634727520936&w=2

www.securityfocus.com/bid/9605

www.securityfocus.com/bid/9613

exchange.xforce.ibmcloud.com/vulnerabilities/15076

6.9 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.7%

JSON