Published: 21/04/2004 Updated: 11/07/2017

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 270

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote malicious users to inject arbitrary web script or HTML via the (1) lid and query parameters to the Downloads module, (2) query parameter to the Web_links module, or (3) hlpfile parameter to openwindow.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product

source: wwwsecurityfocuscom/bid/10191/info Multiple vulnerabilities were reported to exist in PostNuke Phoenix The following specific vulnerabilities were reported: - Multiple path disclosure vulnerabilities that occur when a user directly requests scripts in the "/includes/blocks/" and "pnadodb" directories This issue also affects sc ...

source: wwwsecurityfocuscom/bid/8374/info It has been reported that a cross site scripting vulnerability exists in the Downlaods and Web_Links modules of PostNuke It is possible that an attacker may construct a link containing malicious script code that could be executed in a browser of a user who visits the link Exploitation could all ...

NVD-CWE-Other http://www.waraxe.us/index.php?modname=sa&id=22 http://www.securityfocus.com/bid/10191 http://marc.info/?l=bugtraq&m=108258902000472&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15934 https://nvd.nist.gov https://www.exploit-db.com/exploits/24037/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-1957

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect