CVE-2005-1027

Loading...

General

Score:4.3/10.0
Severity:Low
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 02/05/05 - Updated on 11/07/17

Description

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in the Your_Account module, (2) avatarcategory parameter in the Your_Account module, or (3) lid parameter in the Downloads module.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2005-1027

Exploits

Exploit-DBEDB-25341
SecurityFocusBID-7570

Relative technologies

VendorProduct
francisco_burziphp-nuke

Share this vulnerability with:

Twitter Facebook LinkedIn Mail