CVE-2004-1829

Description

Multiple cross-site scripting (XSS) vulnerabilities in error.php in Gijza.net Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pagetitle or (2) error parameters, or (3) certain parameters in the error log.

Affected Software
References

Software	From	Fixed in
error_manager / php-nuke_module	2.1	2.1.x

http://marc.info/?l=bugtraq&m=107963064317560&w=2
http://secunia.com/advisories/11164
http://www.osvdb.org/4384
http://www.securityfocus.com/bid/9911
https://exchange.xforce.ibmcloud.com/vulnerabilities/15529
https://exchange.xforce.ibmcloud.com/vulnerabilities/15530

Severity: Low

CVE: CVE-2004-1829
Published: Mar 18, 2004
Updated: Apr 13, 2023
Exploit:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CVE-2004-1829

Description

Details

CVSS v2