CVE-2007-4212
Published Aug 8, 2007
Last updated 6 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "<" instead of a ">" in (1) the onerror attribute of an IMG element, (2) the onload attribute of an IFRAME element, or (3) redirect users to other sites via the META tag.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5E8572B-43BE-4068-929F-2B6FAA9EF959"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8882C59-6721-4925-8EB6-1C54455BD03B"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C6F6110-F77B-42CE-BAD0-0AEAFC04E982"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "017A5AD3-CD1C-41E0-B53D-3881C31F7463"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68BA9153-537A-4CC5-A3E8-DE4FCF49EB52"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7481433-4DFA-4D32-BA93-FBEAC37D8D67"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85535C0D-C858-4AF8-8350-EFBF74609CBB"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CC4F979-7F10-4F0D-96AD-5EE88E437897"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A3B4A35-6019-468E-89FA-BC2EEADB7D31"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "575CFD4C-90CB-4D38-94F9-3D7915B2F054"
},
{
"criteria": "cpe:2.3:a:phpnuke:php-nuke:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4DB1D99-9F35-43A2-AD72-4B495B5F31BE"
}
],
"operator": "OR"
}
]
}
]