Vulnerabilities > CVE-2004-2007 - Input Validation vulnerability in Adam Webb NukeJokes Module For PHP-Nuke

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
adam-webb
exploit available

Summary

Cross-site scripting (XSS) vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to inject arbitrary HTML or web script via the (1) cat parameter in a CatView function or (2) jokeid parameter in a JokeView function.

Vulnerable Configurations

Part Description Count
Application
Adam_Webb
2

Exploit-Db

descriptionAdam Webb NukeJokes 1.7/2.0 Module Multiple Parameter XSS. CVE-2004-2007. Webapps exploit for php platform
idEDB-ID:24099
last seen2016-02-02
modified2004-05-08
published2004-05-08
reporterJanek Vind
sourcehttps://www.exploit-db.com/download/24099/
titleAdam Webb NukeJokes 1.7/2.0 Module Multiple Parameter XSS