CVE-2005-4260 in PHP-Nukeinformación

Resumen

por MITRE

Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and later allows remote attackers to perform cross-site scripting (XSS) attacks by replacing the ">" in the tag with a "<", which bypasses the regular expressions that sanitize the data, but is automatically corrected by many web browsers. NOTE: it could be argued that this vulnerability is due to a design limitation of many web browsers; if so, then this should not be treated as a vulnerability in PHP-Nuke.

Once again VulDB remains the best source for vulnerability data.

Reservar

2005-12-15

Divulgación

2005-12-15

Moderación

aceptado

Artículo

VDB-27511

CPE

listo

Explotación

Descargar

EPSS

0.02113

KEV

no

Actividades

muy bajo

Fuentes

Might our Artificial Intelligence support you?

Check our Alexa App!