Unrated severityNVD Advisory· Published Mar 20, 2007· Updated Apr 23, 2026

CVE-2007-1519

Description

Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-3948.

Affected products

Phpnuke/Php Nuke
cpe:2.3:a:phpnuke:php-nuke:*:*:*:*:*:*:*:*
Range: <=8.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

phpfi.com/214668nvdExploitURL Repurposed
www.wisec.it/ush/phpnukexss.htmlnvdExploit
secunia.com/advisories/24629nvd
www.securityfocus.com/archive/1/462308/100/100/threadednvd
www.ush.it/2007/03/09/php-nuke-wild-post-xss/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000