Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

php-nuke news module vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2006-0185
Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) News Modules in Php-Nuke allow remote malicious users to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.
Php-nuke News ModulePhp-nuke Pool Module
NA
CVE-2014-3934
SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote malicious users to execute arbitrary SQL commands via the topics[] parameter to modules.php.
Phpnuke Php-nuke 8.3Phpnuke Submit News Module -
NA
CVE-2004-0265
Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote malicious users to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules.
Francisco Burzi Php-nuke 6.5 Beta1Francisco Burzi Php-nuke 6.5 FinalFrancisco Burzi Php-nuke 7.0 FinalFrancisco Burzi Php-nuke 7.1Francisco Burzi Php-nuke 6.5 Rc3Francisco Burzi Php-nuke 6.6Francisco Burzi Php-nuke 6.7Francisco Burzi Php-nuke 6.0Francisco Burzi Php-nuke 6.5Francisco Burzi Php-nuke 6.9Francisco Burzi Php-nuke 7.0Francisco Burzi Php-nuke 6.5 Rc1Francisco Burzi Php-nuke 6.5 Rc2
NA
CVE-2007-1450
SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and previous versions allows remote malicious users to execute arbitrary SQL commands in the Top or News module via the lang parameter.
Phpnuke Php-nuke 7.4Phpnuke Php-nuke 7.5Phpnuke Php-nuke 7.6Phpnuke Php-nuke 7.7Phpnuke Php-nuke 7.2Phpnuke Php-nuke 7.3Phpnuke Php-nuke 8.0.0Phpnuke Php-nuke 7.0Phpnuke Php-nuke 7.1Phpnuke Php-nuke 7.8Phpnuke Php-nuke 7.9
NA
CVE-2006-6200
Multiple SQL injection vulnerabilities in the (1) rate_article and (2) rate_complete functions in modules/News/index.php in the News module in Francisco Burzi PHP-Nuke 7.9 and previous versions, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary ...
Francisco Burzi Php-nuke 7.3Francisco Burzi Php-nuke 7.4Francisco Burzi Php-nuke 7.5Francisco Burzi Php-nuke 7.1Francisco Burzi Php-nuke 7.2Francisco Burzi Php-nuke 7.9Francisco Burzi Php-nuke 7.6Francisco Burzi Php-nuke 7.7Francisco Burzi Php-nuke 7.0Francisco Burzi Php-nuke 7.0 FinalFrancisco Burzi Php-nuke 7.8Francisco Burzi Php-nuke 7.8 Patched 3.2
NA
CVE-2004-2020
Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x up to and including 7.3 allow remote malicious users to inject arbitrary HTML or web script into the (1) optionbox parameter in the News module, (2) date parameter in the Statistics module, (3) year, month, and m...
Francisco Burzi Php-nuke 6.5 Rc2Francisco Burzi Php-nuke 6.5 Rc3Francisco Burzi Php-nuke 7.2Francisco Burzi Php-nuke 7.3Francisco Burzi Php-nuke 6.5 FinalFrancisco Burzi Php-nuke 6.5 Rc1Francisco Burzi Php-nuke 7.0 FinalFrancisco Burzi Php-nuke 7.1Francisco Burzi Php-nuke 6.0Francisco Burzi Php-nuke 6.5Francisco Burzi Php-nuke 6.5 Beta1Francisco Burzi Php-nuke 6.9Francisco Burzi Php-nuke 7.0Francisco Burzi Php-nuke 6.6Francisco Burzi Php-nuke 6.7
NA
CVE-2006-4666
Multiple PHP remote file inclusion vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allow remote malicious users to execute arbitrary PHP code via a URL in the (1) ide parameter in (a) article.php; or the (2) pwfile parameter in (b) delete.php, (c) modify.php, (d...
Stefan Ernst Newsscript 0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651CVE-2024-34255elevation of privilegeCVE-2024-25529CVE-2024-4671NULL pointer dereferenceCVE-2024-25527template injectionCVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook