CVE Vulnerabilities

CVE-2004-0663

Published: Aug 06, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote attackers to inject arbitrary script or HTML via the (1) id parameter to the (a) private_messages module; (2) search parameter to the (b) links and (c) content modules; and (3) files parameter to the gallery module.

Affected Software

Name Vendor Start Version End Version
Powerportal Powerportal 1.1b (including) 1.1b (including)
Powerportal Powerportal 1.3 (including) 1.3 (including)
Powerportal Powerportal 1.3b (including) 1.3b (including)

References