var-200112-0177
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and storyext parameters in submit.php, (4) upload parameter in admin.php and (5) fname parameter in friend.php. PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page, 'user.php', which contains malicious script code. When the link is clicked by an unsuspecting web user, the malicious script code will be executed on the user in the context of the site running PHPNuke. This attack may be used to steal a user's cookie-based authentication credentials for the vulnerable PHPNuke site. PostNuke is also affected by a number of these issues. This problem has also been reported with other scripts included in the PHPNuke package. More specifically, modules.php, upload.php, friend.php and submit.php are also vulnerable under some circumstances. Different parameters to the user.php script may also be sufficient for a cross-site scripting attack. An additional cross-site scripting vulnerability has been reported in modules.php for PostNuke. **It has been reported that the cross-site scripting issue affecting the 'ttitle' parameter of 'modules.php' script has been re-introduced in newer versions of the PHPNuke application. This issue is reported to affect versions 7.2 and prior
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200112-0177", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "5.0", }, { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "5.3.1", }, { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "5.2a", }, { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "5.2", }, { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "5.1", }, { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "4.4", }, { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "4.3", }, { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "3.0", }, { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "5.0.1", }, { model: "php-nuke", scope: "eq", trust: 1.6, vendor: "francisco burzi", version: "4.4.1a", }, { model: "php-nuke", scope: "eq", trust: 1, vendor: "francisco burzi", version: "4.0", }, { model: "development team postnuke", scope: "eq", trust: 0.3, vendor: "postnuke", version: "0.64", }, { model: "development team postnuke", scope: "eq", trust: 0.3, vendor: "postnuke", version: "0.63", }, { model: "development team postnuke", scope: "eq", trust: 0.3, vendor: "postnuke", version: "0.62", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "7.2", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "7.1", }, { model: "burzi php-nuke final", scope: "eq", trust: 0.3, vendor: "francisco", version: "7.0", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "7.0", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.9", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.7", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.6", }, { model: "burzi php-nuke rc3", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.5", }, { model: "burzi php-nuke rc2", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.5", }, { model: "burzi php-nuke rc1", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.5", }, { model: "burzi php-nuke final", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.5", }, { model: "burzi php-nuke beta", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.51", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.5", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "6.0", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "5.3.1", }, { model: "burzi php-nuke a", scope: "eq", trust: 0.3, vendor: "francisco", version: "5.2", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "5.2", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "5.1", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "5.0.1", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "5.0", }, { model: "burzi php-nuke a", scope: "eq", trust: 0.3, vendor: "francisco", version: "4.4.1", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "4.4", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "4.3", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "4.0", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "3.0", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "2.5", }, { model: "burzi php-nuke", scope: "eq", trust: 0.3, vendor: "francisco", version: "1.0", }, { model: "development team postnuke", scope: "ne", trust: 0.3, vendor: "postnuke", version: "0.71", }, { model: "burzi php-nuke", scope: "ne", trust: 0.3, vendor: "francisco", version: "5.5", }, { model: "burzi php-nuke", scope: "ne", trust: 0.3, vendor: "francisco", version: "5.4", }, ], sources: [ { db: "BID", id: "3609", }, { db: "NVD", id: "CVE-2001-1524", }, { db: "CNNVD", id: "CNNVD-200112-201", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:5.2a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:5.3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:4.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:4.4.1a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:5.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:francisco_burzi:php-nuke:5.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2001-1524", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "This vulnerability was submitted to BugTraq on December 3rd, 2001 by Cabezon Aurlien <aurelien.cabezon@isecurelabs.com>.", sources: [ { db: "CNNVD", id: "CNNVD-200112-201", }, ], trust: 0.6, }, cve: "CVE-2001-1524", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-4325", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2001-1524", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-200112-201", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-4325", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-4325", }, { db: "NVD", id: "CVE-2001-1524", }, { db: "CNNVD", id: "CNNVD-200112-201", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and storyext parameters in submit.php, (4) upload parameter in admin.php and (5) fname parameter in friend.php. PHPNuke is a website creation/maintenance tool. \nPHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page, 'user.php', which contains malicious script code. When the link is clicked by an unsuspecting web user, the malicious script code will be executed on the user in the context of the site running PHPNuke. \nThis attack may be used to steal a user's cookie-based authentication credentials for the vulnerable PHPNuke site. \nPostNuke is also affected by a number of these issues. \nThis problem has also been reported with other scripts included in the PHPNuke package. More specifically, modules.php, upload.php, friend.php and submit.php are also vulnerable under some circumstances. Different parameters to the user.php script may also be sufficient for a cross-site scripting attack. \nAn additional cross-site scripting vulnerability has been reported in modules.php for PostNuke. \n**It has been reported that the cross-site scripting issue affecting the 'ttitle' parameter of 'modules.php' script has been re-introduced in newer versions of the PHPNuke application. This issue is reported to affect versions 7.2 and prior", sources: [ { db: "NVD", id: "CVE-2001-1524", }, { db: "BID", id: "3609", }, { db: "VULHUB", id: "VHN-4325", }, ], trust: 1.26, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-4325", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-4325", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "BID", id: "3609", trust: 2, }, { db: "NVD", id: "CVE-2001-1524", trust: 1.7, }, { db: "CNNVD", id: "CNNVD-200112-201", trust: 0.7, }, { db: "XF", id: "7654", trust: 0.6, }, { db: "EXPLOIT-DB", id: "21165", trust: 0.1, }, { db: "EXPLOIT-DB", id: "21166", trust: 0.1, }, { db: "SEEBUG", id: "SSVID-75001", trust: 0.1, }, { db: "SEEBUG", id: "SSVID-75002", trust: 0.1, }, { db: "VULHUB", id: "VHN-4325", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-4325", }, { db: "BID", id: "3609", }, { db: "NVD", id: "CVE-2001-1524", }, { db: "CNNVD", id: "CNNVD-200112-201", }, ], }, id: "VAR-200112-0177", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-4325", }, ], trust: 0.01, }, last_update_date: "2023-12-18T12:24:47.045000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2001-1524", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "http://www.securityfocus.com/bid/3609", }, { trust: 1.7, url: "http://prdownloads.sourceforge.net/phpnuke/php-nuke-5.5.tar.gz", }, { trust: 1.7, url: "http://www.iss.net/security_center/static/7654.php", }, { trust: 1.1, url: "http://online.securityfocus.com/archive/82/243545", }, { trust: 1.1, url: "http://online.securityfocus.com/archive/1/245691", }, { trust: 1.1, url: "http://online.securityfocus.com/archive/1/245875", }, { trust: 1.1, url: "http://online.securityfocus.com/archive/82/246603", }, { trust: 0.3, url: "http://www.securityfocus.com/archive/82/246603", }, { trust: 0.3, url: "http://www.irannuke.com/", }, { trust: 0.3, url: "/archive/1/362266", }, ], sources: [ { db: "VULHUB", id: "VHN-4325", }, { db: "BID", id: "3609", }, { db: "NVD", id: "CVE-2001-1524", }, { db: "CNNVD", id: "CNNVD-200112-201", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-4325", }, { db: "BID", id: "3609", }, { db: "NVD", id: "CVE-2001-1524", }, { db: "CNNVD", id: "CNNVD-200112-201", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2001-12-31T00:00:00", db: "VULHUB", id: "VHN-4325", }, { date: "2001-12-03T00:00:00", db: "BID", id: "3609", }, { date: "2001-12-31T05:00:00", db: "NVD", id: "CVE-2001-1524", }, { date: "2001-12-31T00:00:00", db: "CNNVD", id: "CNNVD-200112-201", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2008-09-10T00:00:00", db: "VULHUB", id: "VHN-4325", }, { date: "2001-12-03T00:00:00", db: "BID", id: "3609", }, { date: "2008-09-10T19:10:53.633000", db: "NVD", id: "CVE-2001-1524", }, { date: "2005-10-20T00:00:00", db: "CNNVD", id: "CNNVD-200112-201", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-200112-201", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "PHPNuke Multiple cross-site scripting vulnerabilities", sources: [ { db: "CNNVD", id: "CNNVD-200112-201", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-200112-201", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.