CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2752

Cross-site scripting (XSS) vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.7%

CVSS Severity

CVSS v2 Score 4.3

References

http://securitytracker.com/id?1008629
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-01/0015.html
http://www.gulftech.org/01032004.php
http://securitytracker.com/id?1008629
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-01/0015.html
http://www.gulftech.org/01032004.php

Products affected by CVE-2004-2752

Postnuke Software Foundation » Postnuke » Version: 0.726

cpe:2.3:a:postnuke_software_foundation:postnuke:0.726

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2752

Products

Pricing

Contact Us