Back to search
CVE-2004-1957
Published: May 10, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the (1) lid and query parameters to the Downloads module, (2) query parameter to the Web_links module, or (3) hlpfile parameter to openwindow.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
10191
vdb-entry
x_refsource_BID
http://www.waraxe.us/index.php?modname=sa&id=22
x_refsource_MISC
20040421 [waraxe-2004-SA#022 - Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2]
mailing-list
x_refsource_BUGTRAQ
postnuke-openwindow-xss(15934)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now