Sign-up

ID

VAR-200509-0133


CVE

CVE-2005-3016


TITLE

PHP-Nuke WYSIWYG Multiple unspecified vulnerabilities

Trust: 0.6

sources: CNNVD: CNNVD-200509-189

DESCRIPTION

Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors. PHP-Nuke is prone to a remote security vulnerability. PHP Nuke is a professional content management system (CMS). The complete solution of PHP-Nuke is suitable for anyone who wants to build their own portal website. It includes news management, advertisement management, forum system, voting system, FAQ system, IP Shielding system, knowledge encyclopedia, e-newsletter, etc. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: PHP-Nuke Unspecified wysiwyg Editor Vulnerabilities SECUNIA ADVISORY ID: SA16843 VERIFY ADVISORY: http://secunia.com/advisories/16843/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: >From remote SOFTWARE: PHP-Nuke 7.x http://secunia.com/product/2385/ DESCRIPTION: Some potential vulnerabilities have been reported in PHP-Nuke with unknown impacts . SOLUTION: Update to version 7.9. http://www.phpnuke.org/modules.php?name=Release PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.phpnuke.org/modules.php?name=News&file=article&sid=7435 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-3016 // BID: 89300 // VULHUB: VHN-14225 // PACKETSTORM: 40072

AFFECTED PRODUCTS

vendor:francisco burzimodel:php-nukescope:eqversion:7.3

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.0

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.8

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.7

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.6

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:7.2

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:7.0

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.5

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:7.1

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:6.9

Trust: 1.6

vendor:francisco burzimodel:php-nukescope:eqversion:7.6

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:lteversion:7.8

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:7.7

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:7.5

Trust: 1.0

vendor:francisco burzimodel:php-nukescope:eqversion:7.4

Trust: 1.0

sources: NVD: CVE-2005-3016 // CNNVD: CNNVD-200509-189

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2005-3016
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200509-189
value: CRITICAL

Trust: 0.6

VULHUB: VHN-14225
value: HIGH

Trust: 0.1

NVD:
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

VULHUB: VHN-14225
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-14225 // NVD: CVE-2005-3016 // CNNVD: CNNVD-200509-189

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3016

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200509-189

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200509-189

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2005-3016

EXTERNAL IDS
db:NVDid:CVE-2005-3016
Trust: 2.0
db:SECUNIAid:16843
Trust: 1.8
db:CNNVDid:CNNVD-200509-189
Trust: 0.7
db:BIDid:89300
Trust: 0.3
db:VULHUBid:VHN-14225
Trust: 0.1
db:PACKETSTORMid:40072
Trust: 0.1
sources:
            
            
            VULHUB: VHN-14225 // 
            
            
            
            BID: 89300 // 
            
            
            
            PACKETSTORM: 40072 // 
            
            
            
            NVD: CVE-2005-3016 // 
            
            
            
            CNNVD: CNNVD-200509-189

REFERENCES
url:http://www.phpnuke.org/modules.php?name=news&file=article&sid=7435
Trust: 2.0
url:http://secunia.com/advisories/16843
Trust: 1.7
url:http://www.phpnuke.org/modules.php?name=news&file=article&sid=7435
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://www.phpnuke.org/modules.php?name=release
Trust: 0.1
url:http://secunia.com/product/2385/
Trust: 0.1
url:http://secunia.com/secunia_vacancies/
Trust: 0.1
url:http://secunia.com/advisories/16843/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-14225 // 
            
            
            
            BID: 89300 // 
            
            
            
            PACKETSTORM: 40072 // 
            
            
            
            NVD: CVE-2005-3016 // 
            
            
            
            CNNVD: CNNVD-200509-189

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 89300

SOURCES
db:VULHUBid:VHN-14225
db:BIDid:89300
db:PACKETSTORMid:40072
db:NVDid:CVE-2005-3016
db:CNNVDid:CNNVD-200509-189

LAST UPDATE DATE
2023-12-18T12:13:29.681000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-14225date:2008-09-05T00:00:00
db:BIDid:89300date:2016-07-06T14:34:00
db:NVDid:CVE-2005-3016date:2008-09-05T20:53:14.267
db:CNNVDid:CNNVD-200509-189date:2006-09-22T00:00:00

SOURCES RELEASE DATE
db:VULHUBid:VHN-14225date:2005-09-21T00:00:00
db:BIDid:89300date:2005-09-21T00:00:00
db:PACKETSTORMid:40072date:2005-09-16T19:27:29
db:NVDid:CVE-2005-3016date:2005-09-21T21:03:00
db:CNNVDid:CNNVD-200509-189date:2005-09-21T00:00:00