Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpnuke php-nuke vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5092
Directory traversal vulnerability in index.php in the Dance Music module for phpNuke, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in an ACCEPT_FILE array parameter to modules.php.
Multimedia Dance Music Module For Phpnuke
1 EDB exploit
NA
CVE-2007-4212
Multiple cross-site scripting (XSS) vulnerabilities in the Search Module in PHP-Nuke allow remote malicious users to inject arbitrary web script or HTML via a trailing "<" instead of a ">" in (1) the onerror attribute of an IMG element, (2) the onload at...
Phpnuke Php-nuke 7.3
Phpnuke Php-nuke 7.4
Phpnuke Php-nuke 7.1
Phpnuke Php-nuke 7.9
Phpnuke Php-nuke 8.0
Phpnuke Php-nuke 7.5
Phpnuke Php-nuke 7.2
Phpnuke Php-nuke 7.7
Phpnuke Php-nuke 7.8
Phpnuke Php-nuke 7.0
Phpnuke Php-nuke 7.6
NA
CVE-2007-3332
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote malicious users to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload action.
Php-nuke Satel Lite
1 EDB exploit
NA
CVE-2007-1519
Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-3948.
Phpnuke Php-nuke
NA
CVE-2007-1520
The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and previous versions does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote malicious users to conduct CSRF attacks.
Phpnuke Php-nuke 5.6
Phpnuke Php-nuke 7.3
Phpnuke Php-nuke 7.4
Phpnuke Php-nuke 7.1
Phpnuke Php-nuke 7.9
Phpnuke Php-nuke 7.5
Phpnuke Php-nuke 7.2
Phpnuke Php-nuke 7.7
Phpnuke Php-nuke
Phpnuke Php-nuke 7.8
Phpnuke Php-nuke 7.0
Phpnuke Php-nuke 6.5
Phpnuke Php-nuke 7.6
NA
CVE-2007-1449
Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the lang parameter.
Phpnuke Php-nuke 7.3
Phpnuke Php-nuke 7.4
Phpnuke Php-nuke 7.1
Phpnuke Php-nuke 7.9
Phpnuke Php-nuke 8.0
Phpnuke Php-nuke 8.0.0
Phpnuke Php-nuke 7.5
Phpnuke Php-nuke 7.2
Phpnuke Php-nuke 7.7
Phpnuke Php-nuke 7.8
Phpnuke Php-nuke 7.0
Phpnuke Php-nuke 7.6
NA
CVE-2007-1450
SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and previous versions allows remote malicious users to execute arbitrary SQL commands in the Top or News module via the lang parameter.
Phpnuke Php-nuke 7.3
Phpnuke Php-nuke 7.4
Phpnuke Php-nuke 7.1
Phpnuke Php-nuke 7.9
Phpnuke Php-nuke 8.0.0
Phpnuke Php-nuke 7.5
Phpnuke Php-nuke 7.2
Phpnuke Php-nuke 7.7
Phpnuke Php-nuke 7.8
Phpnuke Php-nuke 7.0
Phpnuke Php-nuke 7.6
NA
CVE-2006-5525
Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and previous versions allows remote malicious users to conduct SQL injection attacks via (1) "/**/UNION " or (2) " UNION/**/" sequences, which are not rejected by the protection mechanism, as d...
Phpnuke Php-nuke 7.3
Phpnuke Php-nuke 7.4
Phpnuke Php-nuke 7.1
Phpnuke Php-nuke
Phpnuke Php-nuke 7.5
Phpnuke Php-nuke 7.2
Phpnuke Php-nuke 7.7
Phpnuke Php-nuke 7.8
Phpnuke Php-nuke 7.0
Phpnuke Php-nuke 7.6
1 EDB exploit
NA
CVE-2006-5494
Multiple PHP remote file inclusion vulnerabilities in modules/My_eGallery/public/displayCategory.php in the pandaBB module for PHP-Nuke allow remote malicious users to execute arbitrary PHP code via a URL in the (1) adminpath or (2) basepath parameters. NOTE: this issue might ove...
Phpnuke Php-nuke 8.0
1 EDB exploit
NA
CVE-2006-4563
Cross-site scripting (XSS) vulnerability in the MyHeadlines prior to 4.3.2 module for PHP-Nuke allows remote malicious users to inject arbitrary web script or HTML via the myh_op parameter to modules.php.
Phpnuke Myheadlines
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »