CVE-2004-1818 : Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attac

Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary script as other users by injecting arbitrary script into the z parameter.

Published 2004-03-15 05:00:00

Updated 2017-07-11 01:31:22

Source MITRE

View at NVD, CVE.org

Vulnerability category: Cross site scripting (XSS)

Exploit prediction scoring system (EPSS) score for CVE-2004-1818

Probability of exploitation activity in the next 30 days: 2.17%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-1818

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2004-1818

https://exchange.xforce.ibmcloud.com/vulnerabilities/15497
http://marc.info/?l=bugtraq&m=107937780222514&w=2

CVEs referencing this url
http://www.securityfocus.com/bid/9881

Exploit;Vendor Advisory

CVEs referencing this url

Vulnerability Details : CVE-2004-1818

Exploit prediction scoring system (EPSS) score for CVE-2004-1818

CVSS scores for CVE-2004-1818

References for CVE-2004-1818