CVE-2004-1960
Protector System 1.15b1 - Cross-Site Scripting via blocker_query.php target or portNum Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-1960. PoCs published by waraxe.
AI-analyzed exploit summary The provided text describes XSS and SQL injection vulnerabilities in Protector System 1.15b1 for PHP-Nuke, with example URLs demonstrating potential exploitation vectors. No actual exploit code is included.
Description
Cross-site scripting (XSS) vulnerability in blocker_query.php in Protector System 1.15b1 allows remote attackers to inject arbitrary web script or HTML via the (1) target or (2) portNum parameters.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by waraxe · textwebappsphp
https://www.exploit-db.com/exploits/24048
The provided text describes XSS and SQL injection vulnerabilities in Protector System 1.15b1 for PHP-Nuke, with example URLs demonstrating potential exploitation vectors. No actual exploit code is included.
Classification
Writeup 90%
Attack Type
Xss | Sqli
Complexity
Trivial
Reliability
Theoretical
Target:
Protector System 1.15b1 for PHP-Nuke
No auth needed
Prerequisites:
Access to the target URL · Vulnerable version of Protector System
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10206
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15965
Exploit x_refsource_misc
http://www.waraxe.us/index.php?modname=sa&id=25
Various Sources x_refsource_confirm
http://protector.warcenter.se/article-53--0-0.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/361300/2004-04-21/2004-04-27/0
Scores
EPSS
0.0174
EPSS Percentile
74.8%
Details
Status
published
Products (1)
protector_system/protector_system
1.15b1
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026