Vulnerability Details CVE-2005-3368
Cross-site scripting (XSS) vulnerability in the Search_Enhanced module in PHP-Nuke 7.9 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.5%
CVSS Severity
CVSS v2 Score 4.3
References
- http://marc.info/?l=bugtraq&m=113038121108780&w=2
- http://secunia.com/advisories/17296/
- http://www.securityfocus.com/bid/15218
- http://www.vupen.com/english/advisories/2005/2225
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22891
- http://marc.info/?l=bugtraq&m=113038121108780&w=2
- http://secunia.com/advisories/17296/
- http://www.securityfocus.com/bid/15218
- http://www.vupen.com/english/advisories/2005/2225
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22891
Products affected by CVE-2005-3368
-
cpe:2.3:a:search_enhanced:search_enhanced:1.1
-
cpe:2.3:a:search_enhanced:search_enhanced:2.0