Lucene search
HistoryNov 12, 2008 - 9:09 p.m.
CVE-2008-5039
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
56.0%
Cross-site scripting (XSS) vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php.
Affected configurations
Node
phpnukephp-nuke
php-nukeleague_module
ORphp-nukeleague_moduleMatch2.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpnuke | php-nuke | * | cpe:2.3:a:phpnuke:php-nuke:*:*:*:*:*:*:*:* |
| php-nuke | league_module | * | cpe:2.3:a:php-nuke:league_module:*:*:*:*:*:*:*:* |
| php-nuke | league_module | 2.4 | cpe:2.3:a:php-nuke:league_module:2.4:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2008-11-12 21:09:00
cve
cve
CVE-2008-5039
2008-11-12 21:09:03
exploitdb
exploitdb
PHP-Nuke Nuke League Module - 'tid' Cross-Site Scripting
2008-10-28 00:00:00
cvelist
cvelist
CVE-2008-5039
2008-11-12 20:18:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
56.0%
Related for NVD:CVE-2008-5039