Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0185

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0185
Last Modified 07 Mar 2011 09:29:32
Published 12 Jan 2006 01:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0185

Summary

Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) News Modules in Php-Nuke allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.

Vulnerable Systems

Application

  • Php-nuke News Module

  • Php-nuke Pool Module


References

VUPEN - ADV-2006-0125

BID - 16192

BUGTRAQ - 20060107 Php-Nuke Pool and News Module IMG Tag Cross Site

SECUNIA - 18374


Last Updated: 27 May 2016 10:41:34