CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0663

Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote attackers to inject arbitrary script or HTML via the (1) id parameter to the (a) private_messages module; (2) search parameter to the (b) links and (c) content modules; and (3) files parameter to the gallery module.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.7%

CVSS Severity

CVSS v2 Score 6.8

References

http://marc.info/?l=bugtraq&m=108844362627811&w=2
http://www.swp-zone.org/archivos/advisory-07.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/16528
http://marc.info/?l=bugtraq&m=108844362627811&w=2
http://www.swp-zone.org/archivos/advisory-07.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/16528

Products affected by CVE-2004-0663

Powerportal » Powerportal » Version: 1.1b

cpe:2.3:a:powerportal:powerportal:1.1b
Powerportal » Powerportal » Version: 1.3

cpe:2.3:a:powerportal:powerportal:1.3
Powerportal » Powerportal » Version: 1.3b

cpe:2.3:a:powerportal:powerportal:1.3b

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0663

Products

Pricing

Contact Us