Vulnerabilities > CVE-2006-4563 - Cross-Site Scripting vulnerability in PHPnuke Myheadlines 4.3.1

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
phpnuke
exploit available
NVD
Published: 2006-09-06
Updated: 2017-07-20

Summary

Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3.2 module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the myh_op parameter to modules.php.

Vulnerable Configurations

Part Description Count
Application
Phpnuke
1

Exploit-Db

descriptionPHP-Nuke MyHeadlines 4.3.1 Module Cross-Site Scripting Vulnerability. CVE-2006-4563. Webapps exploit for php platform
idEDB-ID:28487
last seen2016-02-03
modified2006-09-04
published2006-09-04
reporterThomas Pollet
sourcehttps://www.exploit-db.com/download/28487/
titlePHP-Nuke MyHeadlines 4.3.1 Module Cross-Site Scripting Vulnerability

References