Francisco Burzi » Php-nuke » 6.6 : Security Vulnerabilities, CVEs, Published In 2005 (XSS)

cpe:2.3:a:francisco_burzi:php-nuke:6.6:*:*:*:*:*:*:*

CVE-2005-1027

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in the Your_Account module, (2) avatarcategory parameter in the Your_Account module, or (3) lid parameter in the Downloads module.
Max CVSS
4.3
EPSS Score
0.26%
Published
2005-05-02
Updated
2017-07-11

CVE-2005-1023

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x to 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) min parameter to the Search module, (2) the categories parameter to the FAQ module, or (3) the ltr parameter to the Encyclopedia module. NOTE: the bid parameter issue in banners.php is already an item in CVE-2005-1000.
Max CVSS
4.3
EPSS Score
0.22%
Published
2005-05-02
Updated
2017-07-11

CVE-2005-0434

Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via (1) the newdownloadshowdays parameter in a NewDownloads operation or (2) the newlinkshowdays parameter in a NewLinks operation.
Max CVSS
4.3
EPSS Score
0.53%
Published
2005-02-15
Updated
2017-07-11
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close