Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
francisco burzi php-nuke 6.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1400
Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 up to and including 6.0 allows remote malicious users to inject arbitrary web script or HTML via the user_avatar parameter.
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 5.5
Francisco Burzi Php-nuke 5.4
Francisco Burzi Php-nuke 5.2a
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.2
Francisco Burzi Php-nuke 5.6
Francisco Burzi Php-nuke 6.0
1 EDB exploit
NA
CVE-2004-1999
Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x up to and including 7.2 allows remote malicious users to inject arbitrary HTML and web script via the (1) ttitle or (2) sid parameters to modules.php.
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.8
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
NA
CVE-2004-1998
The Downloads module in Php-Nuke 6.x up to and including 7.2 allows remote malicious users to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message.
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.8
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
NA
CVE-2005-3016
Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke prior to 7.9 Final have unknown impact and attack vectors.
Francisco Burzi Php-nuke
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.8
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
NA
CVE-2006-0676
Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 to 7.8 allows remote malicious users to inject arbitrary web script or HTML via the pagetitle parameter.
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.9
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc1
1 EDB exploit
NA
CVE-2006-0805
The CAPTCHA functionality in php-Nuke 6.0 up to and including 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote malicious users to bypass CAPTCHA controls by fixing the User Agent, performing a valid...
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.9
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc1
1 EDB exploit
NA
CVE-2004-0265
Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote malicious users to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules.
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc1
1 EDB exploit
NA
CVE-2004-0266
SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote malicious users to obtain the administrator password via the c_mid parameter.
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc1
1 EDB exploit
NA
CVE-2004-0269
SQL injection vulnerability in PHP-Nuke 6.9 and previous versions, and possibly 7.x, allows remote malicious users to inject arbitrary SQL code and gain sensitive information via (1) the category variable in the Search module or (2) the admin variable in the Web_Links module.
Francisco Burzi Php-nuke 4.0
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 4.3
Francisco Burzi Php-nuke 1.0
Francisco Burzi Php-nuke 4.4
Francisco Burzi Php-nuke 2.5
Francisco Burzi Php-nuke 3.0
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 5.5
Francisco Burzi Php-nuke 5.4
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 5.2a
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.2
Francisco Burzi Php-nuke 5.6
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
2 EDB exploits
NA
CVE-2005-0433
Php-Nuke 7.5 allows remote malicious users to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3) Downloads/index.php, or (4) Web_Links/index.php, which lists the path in a PHP error message.
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »