Details of VAR-200505-1007

ID

VAR-200505-1007

CVE

CVE-2005-1027

TITLE

PHP-Nuke Your_Account Cross-site scripting vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200505-408

DESCRIPTION

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in the Your_Account module, (2) avatarcategory parameter in the Your_Account module, or (3) lid parameter in the Downloads module. It is reported that the PHP-Nuke 'Your_Account' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials. This vulnerability is reported to affect PHP-Nuke version 7.6 and previous versions

Trust: 2.07

sources: NVD: CVE-2005-1027 // BID: 13007 // BID: 13010 // BID: 13011 // BID: 7570 // VULHUB: VHN-12236

AFFECTED PRODUCTS

vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.7	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.0	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.4	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.1	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.6	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.2	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.3	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.6	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.5	Trust: 1.6
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.0_final	Trust: 1.6
vendor:	francisco	model:	burzi php-nuke rc3	scope:	eq	version:	6.5	Trust: 1.2
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	6.5	Trust: 1.2
vendor:	francisco	model:	burzi php-nuke rc2	scope:	eq	version:	6.5	Trust: 1.2
vendor:	francisco	model:	burzi php-nuke rc1	scope:	eq	version:	6.5	Trust: 1.2
vendor:	francisco	model:	burzi php-nuke final	scope:	eq	version:	6.5	Trust: 1.2
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_rc3	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_rc2	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_final	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.0	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_rc1	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.9	Trust: 1.0
vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	6.5_beta1	Trust: 1.0
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	6.0	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke final	scope:	eq	version:	7.0	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	7.1	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	7.2	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	7.0	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	6.7	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke beta	scope:	eq	version:	6.51	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	7.6	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	7.3	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	6.9	Trust: 0.9
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	6.6	Trust: 0.9

sources: BID: 13007 // BID: 13010 // BID: 13011 // BID: 7570 // CNNVD: CNNVD-200505-408 // NVD: CVE-2005-1027

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-1027
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200505-408
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-12236
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-1027
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-12236
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-12236 // CNNVD: CNNVD-200505-408 // NVD: CVE-2005-1027

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1027

THREAT TYPE

network

Trust: 1.2

sources: BID: 13007 // BID: 13010 // BID: 13011 // BID: 7570

TYPE

Input Validation Error

Trust: 1.2

sources: BID: 13007 // BID: 13010 // BID: 13011 // BID: 7570

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-12236

EXTERNAL IDS

db:	NVD	id:	CVE-2005-1027	Trust: 2.6
db:	BID	id:	7570	Trust: 2.0
db:	CNNVD	id:	CNNVD-200505-408	Trust: 0.7
db:	BUGTRAQ	id:	20050404 [SECURITYREASON.COM] FULL PATH DISCLOSURE AND XSS IN PHPNUKE PART 3	Trust: 0.6
db:	BUGTRAQ	id:	20030511 PHPNUKE "YOUR ACCOUNT" XSS VULNERABILITY	Trust: 0.6
db:	XF	id:	11994	Trust: 0.6
db:	BID	id:	13010	Trust: 0.4
db:	BID	id:	13011	Trust: 0.4
db:	BID	id:	13007	Trust: 0.3
db:	SEEBUG	id:	SSVID-79004	Trust: 0.1
db:	EXPLOIT-DB	id:	25341	Trust: 0.1
db:	VULHUB	id:	VHN-12236	Trust: 0.1

sources: VULHUB: VHN-12236 // BID: 13007 // BID: 13010 // BID: 13011 // BID: 7570 // CNNVD: CNNVD-200505-408 // NVD: CVE-2005-1027

REFERENCES

url:	http://www.securityfocus.com/bid/7570	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/321324	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/11994	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=111272010303144&w=2	Trust: 1.0
url:	/archive/1/394971	Trust: 0.9
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=111272010303144&w=2	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/11994	Trust: 0.6
url:	http://www.ncc.org.ve/php-nuke.php3?op=english	Trust: 0.3
url:	/archive/1/321324	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=111272010303144&w=2	Trust: 0.1

sources: VULHUB: VHN-12236 // BID: 13007 // BID: 13010 // BID: 13011 // BID: 7570 // CNNVD: CNNVD-200505-408 // NVD: CVE-2005-1027

CREDITS

Discovery of this issues is credited to sp3x <sp3x@securityreason.com>.

Trust: 1.5

sources: BID: 13007 // BID: 13010 // BID: 13011 // CNNVD: CNNVD-200505-408

SOURCES

db:	VULHUB	id:	VHN-12236
db:	BID	id:	13007
db:	BID	id:	13010
db:	BID	id:	13011
db:	BID	id:	7570
db:	CNNVD	id:	CNNVD-200505-408
db:	NVD	id:	CVE-2005-1027

LAST UPDATE DATE

2024-08-14T13:51:05.309000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-12236	date:	2017-07-11T00:00:00
db:	BID	id:	13007	date:	2009-07-12T11:56:00
db:	BID	id:	13010	date:	2009-07-12T11:56:00
db:	BID	id:	13011	date:	2009-07-12T11:56:00
db:	BID	id:	7570	date:	2003-05-13T00:00:00
db:	CNNVD	id:	CNNVD-200505-408	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-1027	date:	2017-07-11T01:32:30.140

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-12236	date:	2005-05-02T00:00:00
db:	BID	id:	13007	date:	2005-04-05T00:00:00
db:	BID	id:	13010	date:	2005-04-05T00:00:00
db:	BID	id:	13011	date:	2005-04-05T00:00:00
db:	BID	id:	7570	date:	2003-05-13T00:00:00
db:	CNNVD	id:	CNNVD-200505-408	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2005-1027	date:	2005-05-02T04:00:00