Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-nuke vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-3598
SQL injection vulnerability in the Sections module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the artid parameter in a viewarticle op.
Php-nuke Sections Module
445
VMScore
CVE-2011-3784
Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files.
Phpnuke Php-nuke 8.0
905
VMScore
CVE-2008-4767
Unrestricted file upload vulnerability in the DownloadsPlus module in PHP-Nuke allows remote malicious users to execute arbitrary code by uploading a file with (1) .htm, (2) .html, or (3) .txt extensions, then accessing it via a direct request to the file. NOTE: the provenance of...
Php-nuke Downloadsplus Module
1 EDB exploit
755
VMScore
CVE-2007-0309
SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Francisco Burzi Php-nuke
1 EDB exploit
755
VMScore
CVE-2008-3512
SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php.
Php Nuke Kleinanzeigen Module
1 EDB exploit
445
VMScore
CVE-2005-0996
Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min paramet...
Francisco Burzi Php-nuke 7.6
445
VMScore
CVE-2005-0998
The Web_Links module for PHP-Nuke 7.6 allows remote malicious users to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server.
Francisco Burzi Php-nuke 7.6
450
VMScore
CVE-2005-1000
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular actions in the Web_Link...
Francisco Burzi Php-nuke 7.6
4 EDB exploits
445
VMScore
CVE-2005-1001
PHP-Nuke 7.6 allows remote malicious users to obtain sensitive information via direct requests to (1) the Surveys module with the file parameter set to comments or (2) 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message.
Francisco Burzi Php-nuke 7.6
668
VMScore
CVE-2005-4715
Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) name, (2) sid, and (3) pid parameters in a POST request, which bypasses security checks that are pe...
Francisco Burzi Php-nuke 7.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »