Postnuke@0.703 Security Vulnerabilities and Issues — Postnuke@0.703 CVE List

Lucene search

Postnuke Software FoundationPostnuke0.703

4 matches found

CVE•added 2006/02/20 10:2 p.m.•51 views

CVE-2006-0800

Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML tags with a trailing "" character by some web browsers but bypasses the blacklist protection in (1) the pnVarCleanFromInput function in pnAPI.php, (2) the pnSecureInp...

2.6CVSS5.7AI score0.07475EPSS

CVE•added 2002/07/03 4:0 a.m.•44 views

CVE-2002-0535

Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.

5CVSS7.2AI score0.0792EPSS

CVE•added 2005/07/14 4:0 a.m.•37 views

CVE-2002-2015

PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter.

7.5CVSS7.7AI score0.02624EPSS

CVE•added 2005/07/14 4:0 a.m.•30 views

CVE-2002-1996

Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.

2.6CVSS6AI score0.00504EPSS