Lucene search
HistorySep 06, 2006 - 1:04 a.m.
CVE-2006-4563
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
5.8
Confidence
High
EPSS
0.065
Percentile
93.8%
Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3.2 module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the myh_op parameter to modules.php.
Affected configurations
Node
phpnukemyheadlinesRange≤4.3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpnuke | myheadlines | * | cpe:2.3:a:phpnuke:myheadlines:*:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
PHP-Nuke MyHeadlines 4.3.1 Module - Cross-Site Scripting
2006-09-04 00:00:00
cvelist
cvelist
CVE-2006-4563
2006-09-06 01:00:00
cve
cve
CVE-2006-4563
2006-09-06 01:04:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
5.8
Confidence
High
EPSS
0.065
Percentile
93.8%
Related for NVD:CVE-2006-4563