CVE-2005-1778
https://notcve.org/view.php?id=CVE-2005-1778
Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to inject arbitrary web script or HTML via the start parameter. • http://marc.info/?l=bugtraq&m=111721364707520&w=2 http://news.postnuke.com/Article2691.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2005-1695
https://notcve.org/view.php?id=CVE-2005-1695
Multiple cross-site scripting (XSS) vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_url parameter to magpie_slashbox.php, or the url parameter to (2) magpie_simple.php or (3) magpie_debug.php. • http://marc.info/?l=bugtraq&m=111670482500552&w=2 http://marc.info/?l=bugtraq&m=111670506926649&w=2 http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2691 •
CVE-2005-1699
https://notcve.org/view.php?id=CVE-2005-1699
Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a .. (dot dot) in the skin parameter. • http://marc.info/?l=bugtraq&m=111670586322172&w=2 •
CVE-2005-1694
https://notcve.org/view.php?id=CVE-2005-1694
Multiple SQL injection vulnerabilities in Xanthia.php in the Xanthia module in PostNuke 0.750 allow remote attackers to execute arbitrary SQL commands via the (1) name or (2) module parameter. • http://marc.info/?l=bugtraq&m=111670823128472&w=2 http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2691 •
CVE-2005-1700
https://notcve.org/view.php?id=CVE-2005-1700
SQL injection vulnerability in pnadmin.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to execute arbitrary SQL commands via the riga[0] parameter. • http://marc.info/?l=bugtraq&m=111670586322172&w=2 •