Sign-up

ID

VAR-200404-0098


CVE

CVE-2004-1930


TITLE

PHP-Nuke CookieDecode Remote cross-site scripting vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200404-016

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTML via a base64-encoded user parameter or cookie. Reportedly PHP-NuKe is prone to a remote cross-site scripting vulnerability. This issue is due to a failure of the 'cookiedecode()' function to properly sanitize user supplied cookie parameters. These issues could permit a remote attacker to create a malicious link to the vulnerable application that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks. PHP-Nuke is a popular website creation and management tool, it can use many database software as backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. The mainfile.php script cookiedecode() function included in PHP-Nuke lacks sufficient filtering for input submitted by users. The \'\'cookiedecode()\'\' function incorrectly filters the cookie parameters provided by the user, and the attacker builds a malicious connection to lure the user to visit, which can cause malicious code to be executed on the user's browser, allowing the attacker to obtain the sensitive information of the target user. information

Trust: 1.26

sources: NVD: CVE-2004-1930 // BID: 10128 // VULHUB: VHN-10359

AFFECTED PRODUCTS

vendor:francisco burzimodel:php-nukescope:eqversion:7.2

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.0

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.6

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.5_rc2

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.5_rc3

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.5_rc1

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.5

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.5_beta1

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:7.1

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.5_final

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.9

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:7.0_final

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:7.0

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:6.7

Trust: 1.0

vendor:franciscomodel:burzi php-nukescope:eqversion:7.2

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:7.1

Trust: 0.3

vendor:franciscomodel:burzi php-nuke finalscope:eqversion:7.0

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:7.0

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:6.9

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:6.7

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:6.6

Trust: 0.3

vendor:franciscomodel:burzi php-nuke rc3scope:eqversion:6.5

Trust: 0.3

vendor:franciscomodel:burzi php-nuke rc2scope:eqversion:6.5

Trust: 0.3

vendor:franciscomodel:burzi php-nuke rc1scope:eqversion:6.5

Trust: 0.3

vendor:franciscomodel:burzi php-nuke finalscope:eqversion:6.5

Trust: 0.3

vendor:franciscomodel:burzi php-nuke betascope:eqversion:6.51

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:6.5

Trust: 0.3

vendor:franciscomodel:burzi php-nukescope:eqversion:6.0

Trust: 0.3

sources: BID: 10128 // CNNVD: CNNVD-200404-016 // NVD: CVE-2004-1930

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-1930
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200404-016
value: MEDIUM

Trust: 0.6

VULHUB: VHN-10359
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2004-1930
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-10359
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-10359 // CNNVD: CNNVD-200404-016 // NVD: CVE-2004-1930

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1930

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200404-016

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200404-016

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-10359

EXTERNAL IDS
db:BIDid:10128
Trust: 2.0
db:SECUNIAid:11347
Trust: 1.7
db:NVDid:CVE-2004-1930
Trust: 1.7
db:CNNVDid:CNNVD-200404-016
Trust: 0.7
db:XFid:15842
Trust: 0.6
db:BUGTRAQid:20040412 [WARAXE-2004-SA#016 - CROSS-SITE SCRIPTING AKA XSS IN PHPNUKE 6.X-7.2 PART 3]
Trust: 0.6
db:EXPLOIT-DBid:23990
Trust: 0.1
db:SEEBUGid:SSVID-77729
Trust: 0.1
db:VULHUBid:VHN-10359
Trust: 0.1
sources:
            
            
            VULHUB: VHN-10359 // 
            
            
            
            BID: 10128 // 
            
            
            
            CNNVD: CNNVD-200404-016 // 
            
            
            
            NVD: CVE-2004-1930

REFERENCES
url:http://www.securityfocus.com/bid/10128
Trust: 1.7
url:http://secunia.com/advisories/11347
Trust: 1.7
url:http://www.waraxe.us/index.php?modname=sa&id=16
Trust: 1.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/15842
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=108182759214035&w=2
Trust: 1.0
url:http://xforce.iss.net/xforce/xfdb/15842
Trust: 0.6
url:http://marc.theaimsgroup.com/?l=bugtraq&m=108182759214035&w=2
Trust: 0.6
url:http://www.zone.ee/waraxe/?modname=sa&id=016
Trust: 0.3
url:http://www.irannuke.com/
Trust: 0.3
url:http://marc.info/?l=bugtraq&m=108182759214035&w=2
Trust: 0.1
url:http://www.waraxe.us/index.php?modname=sa&id=16
Trust: 0.1
sources:
            
            
            VULHUB: VHN-10359 // 
            
            
            
            BID: 10128 // 
            
            
            
            CNNVD: CNNVD-200404-016 // 
            
            
            
            NVD: CVE-2004-1930

CREDITS
Janek Vind※ come2waraxe@yahoo.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200404-016

SOURCES
db:VULHUBid:VHN-10359
db:BIDid:10128
db:CNNVDid:CNNVD-200404-016
db:NVDid:CVE-2004-1930

LAST UPDATE DATE
2024-11-23T22:20:19.868000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-10359date:2017-07-11T00:00:00
db:BIDid:10128date:2004-04-13T00:00:00
db:CNNVDid:CNNVD-200404-016date:2005-10-20T00:00:00
db:NVDid:CVE-2004-1930date:2024-11-20T23:52:05.183

SOURCES RELEASE DATE
db:VULHUBid:VHN-10359date:2004-04-12T00:00:00
db:BIDid:10128date:2004-04-13T00:00:00
db:CNNVDid:CNNVD-200404-016date:2004-04-12T00:00:00
db:NVDid:CVE-2004-1930date:2004-04-12T04:00:00