Vulnerabilities > CVE-2005-0901 - Cross-Site Scripting vulnerability in Nukebookmarks 0.6

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

nukebookmarks

NVD

Published: 2005-05-02

Updated: 2016-10-18

Summary

Multiple cross-site scripting (XSS) vulnerabilities in NukeBookmarks 0.6 for PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via the (1) catname, (2) markname, (3) comment, or (4) category parameter.

Vulnerable Configurations

Part	Description	Count
Application	Nukebookmarks Nukebookmarks Nukebookmarks 0.6	1

References

http://marc.info/?l=bugtraq&m=111186145609320&w=2
http://nukebookmarks.sourceforge.net/
http://zone-h.org/advisories/read/id=7356