Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpnuke vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-1602
PHP remote file inclusion vulnerability in includes/functions_common.php in the VWar Account module (vWar_Account) in PHPNuke Clan 3.0.1 allows remote malicious users to include arbitrary files via a URL in the vwar_root2 parameter. NOTE: it is possible that this issue stems from...
Phpnuke-clan Phpnuke-clan 3.0.1
755
VMScore
CVE-2014-3934
SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote malicious users to execute arbitrary SQL commands via the topics[] parameter to modules.php.
Phpnuke Php-nuke 8.3
Phpnuke Submit News Module -
1 EDB exploit
578
VMScore
CVE-2003-1340
Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote malicious users to execute arbitrary SQL commands via an aid (admin) cook...
Phpnuke Php-nuke 6.5
Phpnuke Php-nuke 5.6
755
VMScore
CVE-2010-5083
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote malicious users to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
Phpnuke Php-nuke 8.0
Phpnuke Web Links Module -
1 EDB exploit
755
VMScore
CVE-2008-0827
SQL injection vulnerability in the Books module of PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Phpnuke Book
1 EDB exploit
685
VMScore
CVE-2006-4563
Cross-site scripting (XSS) vulnerability in the MyHeadlines prior to 4.3.2 module for PHP-Nuke allows remote malicious users to inject arbitrary web script or HTML via the myh_op parameter to modules.php.
Phpnuke Myheadlines
1 EDB exploit
755
VMScore
CVE-2008-6779
SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.
Phpnuke Sarkilar Module
1 EDB exploit
755
VMScore
CVE-2008-0880
SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the page_id parameter.
Phpnuke Easycontent Module
1 EDB exploit
445
VMScore
CVE-2005-1028
PHP-Nuke 6.x up to and including 7.6 allows remote malicious users to obtain sensitive information via a direct request to (1) index.php with the forum_admin parameter set, (2) the Surveys module, or (3) the Your_Account module, which reveals the path in a PHP error message.
Phpnuke Php-nuke
755
VMScore
CVE-2008-1220
SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Phpnuke 4nchat 0.91
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »