CVE

CVE-2002-1995

Date: (C)2002-12-31   (M)2023-12-22

Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE

Reference:

http://archives.neohapsis.com/archives/vuln-dev/2002-q1/0048.html

BID-3807

phpnuke-phptonuke-css(7837)