Postnuke Software Foundation : Security Vulnerabilities, CVEs, Published In 2002 (XSS)
Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.
Max CVSS
2.6
EPSS Score
1.85%
Published
2002-12-31
Updated
2008-09-05
Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.
Max CVSS
7.5
EPSS Score
0.65%
Published
2002-08-12
Updated
2008-09-05
Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.
Max CVSS
5.0
EPSS Score
4.74%
Published
2002-07-03
Updated
2017-07-11
3 vulnerabilities found