Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-nuke vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2003-0318
Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and previous versions allows remote malicious users to insert arbitrary web script via the year parameter.
Francisco Burzi Php-nuke
7.5
CVSSv2
CVE-2008-3512
SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php.
Php Nuke Kleinanzeigen Module
1 EDB exploit
7.5
CVSSv2
CVE-2008-0907
SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Php-nuke Inhalt Module
1 EDB exploit
7.5
CVSSv2
CVE-2008-0922
SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
Php-nuke Manuales 0.1
1 EDB exploit
4.3
CVSSv2
CVE-2002-1803
Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote malicious users to inject arbitrary web script or HTML via Javascript in an IMG tag.
Francisco Burzi Php-nuke 6.0
1 EDB exploit
7.5
CVSSv2
CVE-2001-0292
PHP-Nuke 4.4.1a allows remote malicious users to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.
Francisco Burzi Php-nuke 4.4.1a
5
CVSSv2
CVE-2001-0321
opendir.php script in PHP-Nuke allows remote malicious users to read arbitrary files by specifying the filename as an argument to the requesturl parameter.
Francisco Burzi Php-nuke 8.0 Final
7.5
CVSSv2
CVE-2006-0907
SQL injection vulnerability in PHP-Nuke prior to 7.8 Patched 3.2 allows remote malicious users to execute arbitrary SQL commands via encoded /%2a (/*) sequences in the query string, which bypasses regular expressions that are intended to protect against SQL injection, as demonstr...
Francisco Burzi Php-nuke 7.8
7.5
CVSSv2
CVE-2006-0908
PHP-Nuke 7.8 Patched 3.2 allows remote malicious users to bypass SQL injection protection mechanisms via /%2a (/*) sequences with the "ad_click" word in the query string, as demonstrated via the kala parameter.
Francisco Burzi Php-nuke 7.8 Patched 3.2
7.5
CVSSv2
CVE-2007-0372
Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote malicious users to execute arbitrary SQL commands via (1) the active parameter in admin/modules/modules.php; the (2) ad_class, (3) imageurl, (4) clickurl, (5) ad_code, or (6) position parameter in...
Francisco Burzi Php-nuke 7.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »