Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
francisco burzi php-nuke 7.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5720
SQL injection vulnerability in modules/journal/search.php in the Journal module in Francisco Burzi PHP-Nuke 7.9 and previous versions allows remote malicious users to execute arbitrary SQL commands via the forwhat parameter.
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke
Francisco Burzi Php-nuke 7.1
1 EDB exploit
NA
CVE-2004-1998
The Downloads module in Php-Nuke 6.x up to and including 7.2 allows remote malicious users to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message.
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.8
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
NA
CVE-2004-1999
Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x up to and including 7.2 allows remote malicious users to inject arbitrary HTML and web script via the (1) ttitle or (2) sid parameters to modules.php.
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.8
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
NA
CVE-2005-4260
Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and later allows remote malicious users to perform cross-site scripting (XSS) attacks by replacing the ">" in the tag with a "<", which bypasses the regular expressions that sanitize the da...
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.9
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 7.1
1 EDB exploit
NA
CVE-2005-3016
Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke prior to 7.9 Final have unknown impact and attack vectors.
Francisco Burzi Php-nuke
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.8
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
NA
CVE-2005-3792
Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions prior to 7.9 with patch 3.1, allows remote malicious users to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type.
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 7.1
1 EDB exploit
NA
CVE-2006-6200
Multiple SQL injection vulnerabilities in the (1) rate_article and (2) rate_complete functions in modules/News/index.php in the News module in Francisco Burzi PHP-Nuke 7.9 and previous versions, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary ...
Francisco Burzi Php-nuke 7.8 Patched 3.2
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.9
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 7.1
NA
CVE-2006-0676
Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 to 7.8 allows remote malicious users to inject arbitrary web script or HTML via the pagetitle parameter.
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.9
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc1
1 EDB exploit
NA
CVE-2004-0265
Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote malicious users to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules.
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc1
1 EDB exploit
NA
CVE-2004-0266
SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote malicious users to obtain the administrator password via the c_mid parameter.
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »