What is the severity of CVE-2005-1023?

CVE-2005-1023 is classified as a medium severity vulnerability due to its ability to execute arbitrary web scripts via cross-site scripting.

How do I fix CVE-2005-1023?

To fix CVE-2005-1023, upgrade PHP-Nuke to version 7.7 or later, where the vulnerability has been addressed.

What systems are affected by CVE-2005-1023?

CVE-2005-1023 affects PHP-Nuke versions from 6.x to 7.6, including various beta and release candidates.

What are the implications of CVE-2005-1023?

The implications of CVE-2005-1023 include the potential for attackers to inject malicious scripts that can compromise user data or session integrity.

Is CVE-2005-1023 still a concern for modern applications?

While CVE-2005-1023 may not be a concern for applications using updated versions of PHP-Nuke, it remains important for users of older versions to apply necessary patches.

Vulnerability/
CVE-2005-1023

medium

4.3

CWE

NVD-CWE-Other 79

9/4/2005

7/8/2024

CVE-2005-1023: XSS

First published: Sat Apr 09 2005(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x to 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) min parameter to the Search module, (2) the categories parameter to the FAQ module, or (3) the ltr parameter to the Encyclopedia module. NOTE: the bid parameter issue in banners.php is already an item in CVE-2005-1000.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
PHP-Nuke	=6.5_beta1
PHP-Nuke	=6.5
PHP-Nuke	=7.0
PHP-Nuke	=7.4
PHP-Nuke	=7.5
PHP-Nuke	=7.2
PHP-Nuke	=7.0_final
PHP-Nuke	=6.5_rc2
PHP-Nuke	=7.3
PHP-Nuke	=6.5_rc3
PHP-Nuke	=7.6
PHP-Nuke	=6.0
PHP-Nuke	=6.5_final
PHP-Nuke	=6.7
PHP-Nuke	=6.6
PHP-Nuke	=6.9
PHP-Nuke	=7.1
PHP-Nuke	=6.5_rc1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-1023?
CVE-2005-1023 is classified as a medium severity vulnerability due to its ability to execute arbitrary web scripts via cross-site scripting.
How do I fix CVE-2005-1023?
To fix CVE-2005-1023, upgrade PHP-Nuke to version 7.7 or later, where the vulnerability has been addressed.
What systems are affected by CVE-2005-1023?
CVE-2005-1023 affects PHP-Nuke versions from 6.x to 7.6, including various beta and release candidates.
What are the implications of CVE-2005-1023?
The implications of CVE-2005-1023 include the potential for attackers to inject malicious scripts that can compromise user data or session integrity.
Is CVE-2005-1023 still a concern for modern applications?
While CVE-2005-1023 may not be a concern for applications using updated versions of PHP-Nuke, it remains important for users of older versions to apply necessary patches.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/last-modified-date
agent/severity
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/francisco burzi
canonical/php-nuke
version/php-nuke/6.5_beta1
version/php-nuke/6.5
version/php-nuke/7.0
version/php-nuke/7.4
version/php-nuke/7.5
version/php-nuke/7.2
version/php-nuke/7.0_final
version/php-nuke/6.5_rc2
version/php-nuke/7.3
version/php-nuke/6.5_rc3
version/php-nuke/7.6
version/php-nuke/6.0
version/php-nuke/6.5_final
version/php-nuke/6.7
version/php-nuke/6.6
version/php-nuke/6.9
version/php-nuke/7.1
version/php-nuke/6.5_rc1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.