CVE Vulnerabilities

CVE-2004-1999

Published: May 05, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to inject arbitrary HTML and web script via the (1) ttitle or (2) sid parameters to modules.php.

Affected Software

Name Vendor Start Version End Version
Php-nuke Francisco_burzi 6.0 6.0
Php-nuke Francisco_burzi 6.5 6.5
Php-nuke Francisco_burzi 6.6 6.6
Php-nuke Francisco_burzi 6.7 6.7
Php-nuke Francisco_burzi 6.8 6.8
Php-nuke Francisco_burzi 6.9 6.9
Php-nuke Francisco_burzi 7.0 7.0
Php-nuke Francisco_burzi 7.1 7.1
Php-nuke Francisco_burzi 7.2 7.2

References