Lucene search
K

4 matches found

CVE
CVE
added 2005/05/24 4:0 a.m.63 views

CVE-2005-1700

CVE-2005-1700 affects PostNuke 0.760-RC3 via the Xanthia module. The vulnerability is an SQL injection in pnadmin.php exploitable by the riga[0] parameter, allowing remote administrators to execute arbitrary SQL commands. Connected sources corroborate SQL injection in Xanthia/Messages areas and P...

7.5CVSS8.3AI score0.00941EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2005/05/24 4:0 a.m.63 views

CVE-2005-1699

CVE-2005-1699 : A directory traversal vulnerability exists in the Xanthia module’s pnadminapi.php (PostNuke 0.760-RC3). Remote administrators can read arbitrary files by supplying a .. (dot dot) in the skin parameter, enabling partial confidentiality impact. The provided documents do not specify ...

4CVSS6.6AI score0.00981EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2005/05/02 4:0 a.m.14 views

CVE-2005-1049

Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 allow remote attackers to inject arbitrary web script or HTML via the 1 module parameter to admin.php or 2 op parameter to user.php. NOTE: the vendor reports that certain issues could not be reproduced for 760 RC3, or for .750...

2.6CVSS6.1AI score0.0354EPSS
Exploits1References10
Cvelist
Cvelist
added 2005/04/12 4:0 a.m.17 views

CVE-2005-1049

Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 allow remote attackers to inject arbitrary web script or HTML via the 1 module parameter to admin.php or 2 op parameter to user.php. NOTE: the vendor reports that certain issues could not be reproduced for 760 RC3, or for .750...

6.1AI score0.0354EPSS
Exploits1References10
Rows per page
Query Builder