Details of VAR-200412-0932

ID

VAR-200412-0932

CVE

CVE-2004-2019

TITLE

PHP-Nuke Multiple input validation vulnerabilities

Trust: 0.6

sources: CNNVD: CNNVD-200412-932

DESCRIPTION

The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message. PHP-Nuke is a popular website creation and management tool, it can use many database software as backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. PHP-Nuke incorrectly handles the data submitted by users in many places. Remote attackers can use this vulnerability to conduct cross-site scripting, path disclosure, sensitive information disclosure and other attacks. A. Path Leakage The \"WebLinks\" module lacks filtering for the \"show\" variable, which can lead to path leaks: http://localhost/nuke73/modules.php?name=Web_Links&l_op=viewlink&cid=1&show=foobar Warning: Division by zero in D:\apache_wwwroot\nuke73\modules\Web_Links\index.php on\line 774 B. Multiple modules lack adequate filtering of variables, which can lead to cross-site scripting attacks and leak sensitive information of target users: http:// localhost/nuke73/modules.php?name=News&file=article&sid=1&optionbox=[xss code \here] http://localhost/nuke73/modules.php?name=Statistics&op=DailyStats&year=2004&month=5&da\te=[xss code here ] http://localhost/nuke73/modules.php?name=Stories_Archive&sa=show_month&year=[xss code\here]&month=05&month_l=May\http://localhost/nuke73/modules

Trust: 0.99

sources: NVD: CVE-2004-2019 // VULHUB: VHN-10447

AFFECTED PRODUCTS

vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.7	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.0	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.2	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.6	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.3	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_rc2	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_rc3	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.1	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.9	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.0_final	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_final	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.0	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_rc1	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_beta1	Trust: 1.0

sources: CNNVD: CNNVD-200412-932 // NVD: CVE-2004-2019

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-2019
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200412-932
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-10447
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-2019
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-10447
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-10447 // CNNVD: CNNVD-200412-932 // NVD: CVE-2004-2019

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2019

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-932

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200412-932

EXTERNAL IDS

db:	NVD	id:	CVE-2004-2019	Trust: 1.7
db:	BID	id:	10367	Trust: 1.7
db:	SECUNIA	id:	11625	Trust: 1.7
db:	CNNVD	id:	CNNVD-200412-932	Trust: 0.7
db:	BUGTRAQ	id:	20040517 [WARAXE-2004-SA#030 - MULTIPLE VULNERABILITIES IN PHPNUKE 6.X - 7.3]	Trust: 0.6
db:	NSFOCUS	id:	6459	Trust: 0.6
db:	XF	id:	16170	Trust: 0.6
db:	VULHUB	id:	VHN-10447	Trust: 0.1

sources: VULHUB: VHN-10447 // CNNVD: CNNVD-200412-932 // NVD: CVE-2004-2019

REFERENCES

url:	http://www.securityfocus.com/bid/10367	Trust: 1.7
url:	http://secunia.com/advisories/11625	Trust: 1.7
url:	http://www.waraxe.us/index.php?modname=sa&id=29	Trust: 1.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/16170	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=108482957715299&w=2	Trust: 1.0
url:	http://xforce.iss.net/xforce/xfdb/16170	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=108482957715299&w=2	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/6459	Trust: 0.6
url:	http://marc.info/?l=bugtraq&m=108482957715299&w=2	Trust: 0.1
url:	http://www.waraxe.us/index.php?modname=sa&id=29	Trust: 0.1

sources: VULHUB: VHN-10447 // CNNVD: CNNVD-200412-932 // NVD: CVE-2004-2019

CREDITS

Janek Vind waraxe※ come2waraxe@yahoo.com

Trust: 0.6

sources: CNNVD: CNNVD-200412-932

SOURCES

db:	VULHUB	id:	VHN-10447
db:	CNNVD	id:	CNNVD-200412-932
db:	NVD	id:	CVE-2004-2019

LAST UPDATE DATE

2024-08-14T13:40:16.031000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-10447	date:	2017-07-11T00:00:00
db:	CNNVD	id:	CNNVD-200412-932	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-2019	date:	2017-07-11T01:31:33.420

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-10447	date:	2004-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200412-932	date:	2004-05-17T00:00:00
db:	NVD	id:	CVE-2004-2019	date:	2004-12-31T05:00:00