Lucene search
MitreCVE-2005-0616HistoryMar 02, 2005 - 5:00 a.m.
CVE-2005-0616
2005-03-0205:00:00
mitre
web.nvd.nist.gov
32
cve-2005-0616
cross-site scripting
xss
postnuke
download module
security vulnerability
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.002
Percentile
58.8%
Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables.
Affected configurations
Node
postnuke_software_foundationpostnuke_phoenixMatch0.750
ORpostnuke_software_foundationpostnuke_phoenixMatch0.760_rc2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| postnuke_software_foundation | postnuke_phoenix | 0.750 | cpe:2.3:a:postnuke_software_foundation:postnuke_phoenix:0.750:*:*:*:*:*:*:* |
| postnuke_software_foundation | postnuke_phoenix | 0.760_rc2 | cpe:2.3:a:postnuke_software_foundation:postnuke_phoenix:0.760_rc2:*:*:*:*:*:*:* |
Related
nessus
nessus
FreeBSD : postnuke -- XSS (XSS) vulnerabilities (7e580822-8cd8-11d9-8c81-000a95bc6fae)
2005-07-13 00:00:00
PostNuke <= 0.760 RC2 Multiple Vulnerabilities
2005-03-01 00:00:00
cvelist
cvelist
CVE-2005-0616
2005-03-02 05:00:00
freebsd
freebsd
postnuke -- cross-site scripting (XSS) vulnerabilities
2005-02-28 00:00:00
nvd
nvd
CVE-2005-0616
2005-02-28 05:00:00
openvas
openvas
FreeBSD Ports: postnuke
2008-09-04 00:00:00
FreeBSD Ports: postnuke
2008-09-04 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.002
Percentile
58.8%
Related for CVE-2005-0616