Postnuke@0.63 Security Vulnerabilities and Issues — Postnuke@0.63 CVE List

Lucene search

Postnuke Software FoundationPostnuke0.63

4 matches found

CVE•added 2006/02/20 10:2 p.m.•51 views

CVE-2006-0800

Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML tags with a trailing "" character by some web browsers but bypasses the blacklist protection in (1) the pnVarCleanFromInput function in pnAPI.php, (2) the pnSecureInp...

2.6CVSS5.7AI score0.07475EPSS

CVE•added 2005/04/21 4:0 a.m.•40 views

CVE-2001-1460

SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.

7.5CVSS8.3AI score0.03984EPSS

CVE•added 2005/07/14 4:0 a.m.•36 views

CVE-2001-1521

Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter.

2.6CVSS6AI score0.00346EPSS

CVE•added 2005/07/14 4:0 a.m.•30 views

CVE-2002-1996

Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.

2.6CVSS6AI score0.00504EPSS