Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 31/12/2004 Updated: 19/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x up to and including 7.3 allow remote malicious users to inject arbitrary HTML or web script into the (1) optionbox parameter in the News module, (2) date parameter in the Statistics module, (3) year, month, and month_1 parameters in the Stories_Archive module, (4) mode, order, and thold parameters in the Surveys module, or (5) a SQL statement to index.php, as processed by mainfile.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
francisco burzi php-nuke 6.5_rc2
francisco burzi php-nuke 6.5_rc3
francisco burzi php-nuke 7.2
francisco burzi php-nuke 7.3
francisco burzi php-nuke 6.5_final
francisco burzi php-nuke 6.5_rc1
francisco burzi php-nuke 7.0_final
francisco burzi php-nuke 7.1
francisco burzi php-nuke 6.0
francisco burzi php-nuke 6.5
francisco burzi php-nuke 6.5_beta1
francisco burzi php-nuke 6.9
francisco burzi php-nuke 7.0
francisco burzi php-nuke 6.6
francisco burzi php-nuke 6.7

NVD-CWE-Other http://www.waraxe.us/index.php?modname=sa&id=29 http://www.securityfocus.com/bid/10367 http://secunia.com/advisories/11625 http://www.osvdb.org/6225 http://www.osvdb.org/6226 http://marc.info/?l=bugtraq&m=108482957715299&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/16172 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2020

Vulnerability Summary

References

Vulmon Search

About

Products

Connect