Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1803Cross-site Scripting in Burzi Php-nuke

4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 63.40%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Francisco Burzi Php-nuke
Timeline
PublishedDec 31
Latest updateApr 30

Description

Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-97x7-4c95-pxm9: Cross-site scripting (XSS) vulnerability in PHP-Nuke 62022-04-30
CVEList
CVE-2002-1803: Cross-site scripting (XSS) vulnerability in PHP-Nuke 62005-06-28

💥Exploits & PoCs

1
Exploit-DB
PHP-Nuke 6.0 - News Message HTML Injection2002-09-25