4.3
CVE-2005-2539
- EPSS 2.53%
- Veröffentlicht 10.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:09
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.53% | 0.828 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://marc.info/?l=bugtraq&m=112327238030127&w=2
http://secunia.com/advisories/16330
http://www.rgod.altervista.org/flatnuke.html
http://www.osvdb.org/18551
http://www.osvdb.org/18552
http://www.osvdb.org/18553
http://www.securityfocus.com/bid/14483
https://exchange.xforce.ibmcloud.com/vulnerabilities/21707
https://exchange.xforce.ibmcloud.com/vulnerabilities/21708