Lucene search
HistoryFeb 15, 2005 - 5:00 a.m.
CVE-2005-0434
cve
2005
0434
xss
vulnerabilities
php-nuke 7.5
remote attackers
html
web script
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.1%
Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via (1) the newdownloadshowdays parameter in a NewDownloads operation or (2) the newlinkshowdays parameter in a NewLinks operation.
Affected configurations
Node
francisco_burziphp-nukeMatch6.0
ORfrancisco_burziphp-nukeMatch6.5
ORfrancisco_burziphp-nukeMatch6.5_beta1
ORfrancisco_burziphp-nukeMatch6.5_final
ORfrancisco_burziphp-nukeMatch6.5_rc1
ORfrancisco_burziphp-nukeMatch6.5_rc2
ORfrancisco_burziphp-nukeMatch6.5_rc3
ORfrancisco_burziphp-nukeMatch6.6
ORfrancisco_burziphp-nukeMatch6.7
ORfrancisco_burziphp-nukeMatch6.9
ORfrancisco_burziphp-nukeMatch7.0
ORfrancisco_burziphp-nukeMatch7.0_final
ORfrancisco_burziphp-nukeMatch7.1
ORfrancisco_burziphp-nukeMatch7.2
ORfrancisco_burziphp-nukeMatch7.3
ORfrancisco_burziphp-nukeMatch7.6
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.1%
Related for CVE-2005-0434