Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
francisco burzi php-nuke 7.8 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-3792
Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions prior to 7.9 with patch 3.1, allows remote malicious users to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type.
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-5720
SQL injection vulnerability in modules/journal/search.php in the Journal module in Francisco Burzi PHP-Nuke 7.9 and previous versions allows remote malicious users to execute arbitrary SQL commands via the forwhat parameter.
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke
1 EDB exploit
4.3
CVSSv2
CVE-2005-4260
Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and later allows remote malicious users to perform cross-site scripting (XSS) attacks by replacing the ">" in the tag with a "<", which bypasses the regular expressions that sanitize the da...
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.9
1 EDB exploit
7.5
CVSSv2
CVE-2006-6200
Multiple SQL injection vulnerabilities in the (1) rate_article and (2) rate_complete functions in modules/News/index.php in the News module in Francisco Burzi PHP-Nuke 7.9 and previous versions, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary ...
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.9
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.8 Patched 3.2
4.3
CVSSv2
CVE-2006-0676
Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 to 7.8 allows remote malicious users to inject arbitrary web script or HTML via the pagetitle parameter.
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.9
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.7
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.3
1 EDB exploit
7.5
CVSSv2
CVE-2006-0805
The CAPTCHA functionality in php-Nuke 6.0 up to and including 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote malicious users to bypass CAPTCHA controls by fixing the User Agent, performing a valid...
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.9
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.7
1 EDB exploit
7.5
CVSSv2
CVE-2006-0907
SQL injection vulnerability in PHP-Nuke prior to 7.8 Patched 3.2 allows remote malicious users to execute arbitrary SQL commands via encoded /%2a (/*) sequences in the query string, which bypasses regular expressions that are intended to protect against SQL injection, as demonstr...
Francisco Burzi Php-nuke 7.8
7.5
CVSSv2
CVE-2006-1847
SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote malicious users to execute arbitrary SQL commands via the user_id parameter in the Your_Home functionality. NOTE: the provenance of this information is unknown; the details are obtained sol...
Francisco Burzi Php-nuke 7.8
4.3
CVSSv2
CVE-2006-1846
Cross-site scripting (XSS) vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote malicious users to inject arbitrary HTML and web script via the ublock parameter, which is saved in the user's personal menu. NOTE: the provenance of this information is u...
Francisco Burzi Php-nuke 7.8
7.5
CVSSv2
CVE-2005-4715
Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) name, (2) sid, and (3) pid parameters in a POST request, which bypasses security checks that are pe...
Francisco Burzi Php-nuke 7.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »