Postnuke@0.726 Security Vulnerabilities and Issues — Postnuke@0.726 CVE List

Lucene search

Postnuke Software FoundationPostnuke0.726

2 matches found

CVE•added 2007/11/14 2:0 a.m.•32 views

CVE-2004-2752

Cross-site scripting (XSS) vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action.

4.3CVSS6.1AI score0.00254EPSS

CVE•added 2007/11/14 2:0 a.m.•31 views

CVE-2004-2751

SQL injection vulnerability in the members_list module in PostNuke 0.726, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the sortby parameter.

6.8CVSS8.9AI score0.00783EPSS