Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2004-2293
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-31 Dec, 2004 | 05:00
Updated At-03 Apr, 2025 | 01:03

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) eid parameter or (2) query parameter to the Encyclopedia module, (3) preview_review function in the Reviews module as demonstrated by the url, cover, rlanguage, and hits parameters, or (4) savecomment function in the Reviews module, as demonstrated using the uname parameter. NOTE: the Faq/categories and Encyclopedia/ltr issues are already covered by CVE-2005-1023.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
francisco_burzi
francisco_burzi
>>php-nuke>>6.0
cpe:2.3:a:francisco_burzi:php-nuke:6.0:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>6.5
cpe:2.3:a:francisco_burzi:php-nuke:6.5:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>6.5_beta1
cpe:2.3:a:francisco_burzi:php-nuke:6.5_beta1:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>6.5_final
cpe:2.3:a:francisco_burzi:php-nuke:6.5_final:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>6.5_rc1
cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc1:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>6.5_rc2
cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc2:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>6.5_rc3
cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc3:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>6.6
cpe:2.3:a:francisco_burzi:php-nuke:6.6:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>6.7
cpe:2.3:a:francisco_burzi:php-nuke:6.7:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>6.9
cpe:2.3:a:francisco_burzi:php-nuke:6.9:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>7.0
cpe:2.3:a:francisco_burzi:php-nuke:7.0:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>7.0_final
cpe:2.3:a:francisco_burzi:php-nuke:7.0_final:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>7.1
cpe:2.3:a:francisco_burzi:php-nuke:7.1:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>7.2
cpe:2.3:a:francisco_burzi:php-nuke:7.2:*:*:*:*:*:*:*
francisco_burzi
francisco_burzi
>>php-nuke>>7.3
cpe:2.3:a:francisco_burzi:php-nuke:7.3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://secunia.com/advisories/11852cve@mitre.org
Vendor Advisory
http://www.osvdb.org/6997cve@mitre.org
Exploit
http://www.osvdb.org/6998cve@mitre.org
Exploit
http://www.osvdb.org/6999cve@mitre.org
Exploit
http://www.securityfocus.com/archive/1/365865cve@mitre.org
Exploit
http://www.securityfocus.com/bid/10524cve@mitre.org
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/16406cve@mitre.org
N/A
http://secunia.com/advisories/11852af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.osvdb.org/6997af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.osvdb.org/6998af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.osvdb.org/6999af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.securityfocus.com/archive/1/365865af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.securityfocus.com/bid/10524af854a3a-2127-422b-91ae-364da2661108
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/16406af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://secunia.com/advisories/11852
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.osvdb.org/6997
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.osvdb.org/6998
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.osvdb.org/6999
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.securityfocus.com/archive/1/365865
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.securityfocus.com/bid/10524
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/16406
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/11852
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.osvdb.org/6997
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.osvdb.org/6998
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.osvdb.org/6999
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.securityfocus.com/archive/1/365865
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.securityfocus.com/bid/10524
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/16406
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found