Postnuke@0.764 Security Vulnerabilities and Issues — Postnuke@0.764 CVE List

Lucene search

Postnuke Software FoundationPostnuke0.764

3 matches found

CVE•added 2007/01/19 11:28 p.m.•43 views

CVE-2007-0384

Cross-site scripting (XSS) vulnerability in preview in the reviews section in PostNuke 0.764 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.1CVSS5.7AI score0.00664EPSS

CVE•added 2007/01/19 11:28 p.m.•40 views

CVE-2007-0386

Unspecified vulnerability in the rating section in PostNuke 0.764 has unknown impact and attack vectors, related to "an interesting bug."

10CVSS6.5AI score0.00334EPSS

CVE•added 2007/01/19 11:28 p.m.•37 views

CVE-2007-0385

The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output" in FAQ/index.php, possibly involving an undefined id_cat variable.

7.8CVSS6.3AI score0.0041EPSS