Lucene search

[email protected]NVD:CVE-2004-0660

HistoryAug 06, 2004 - 4:00 a.m.

CVE-2004-0660

2004-08-0604:00:00

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.9

Confidence

High

EPSS

0.008

Percentile

82.0%

JSON

Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter.

Affected configurations

Nvd

Node

cutephpcutenewsMatch0.88

cutephpcutenewsMatch1.3

cutephpcutenewsMatch1.3.1

VendorProductVersionCPE
cutephpcutenews0.88cpe:2.3:a:cutephp:cutenews:0.88:*:*:*:*:*:*:*
cutephpcutenews1.3cpe:2.3:a:cutephp:cutenews:1.3:*:*:*:*:*:*:*
cutephpcutenews1.3.1cpe:2.3:a:cutephp:cutenews:1.3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cutephp	cutenews	0.88	cpe:2.3:a:cutephp:cutenews:0.88:::::::*
cutephp	cutenews	1.3	cpe:2.3:a:cutephp:cutenews:1.3:::::::*
cutephp	cutenews	1.3.1	cpe:2.3:a:cutephp:cutenews:1.3.1:::::::*

References

marc.info/?l=bugtraq&m=108844000409449&w=2

www.swp-zone.org/archivos/advisory-06.txt

exchange.xforce.ibmcloud.com/vulnerabilities/16525

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.9

Confidence

High

EPSS

0.008

Percentile

82.0%

JSON

Related for NVD:CVE-2004-0660

openvas3 exploitdb5 cve1 cvelist1