Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpnuke php-nuke vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0679
SQL injection vulnerability in index.php in the Your_Account module in PHP-Nuke 7.8 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username variable (Nickname field).
Francisco Burzi Php-nuke Ev 7.8
NA
CVE-2007-3332
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote malicious users to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload action.
Php-nuke Satel Lite
1 EDB exploit
NA
CVE-2008-6779
SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.
Phpnuke Sarkilar Module
1 EDB exploit
NA
CVE-2008-0827
SQL injection vulnerability in the Books module of PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Phpnuke Book
1 EDB exploit
NA
CVE-2006-4563
Cross-site scripting (XSS) vulnerability in the MyHeadlines prior to 4.3.2 module for PHP-Nuke allows remote malicious users to inject arbitrary web script or HTML via the myh_op parameter to modules.php.
Phpnuke Myheadlines
1 EDB exploit
NA
CVE-2008-0880
SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the page_id parameter.
Phpnuke Easycontent Module
1 EDB exploit
NA
CVE-2008-1220
SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Phpnuke 4nchat 0.91
1 EDB exploit
NA
CVE-2006-0163
SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote malicious users to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792...
Francisco Burzi Php-nuke Ev 7.7 R1
1 EDB exploit
NA
CVE-2008-1053
Multiple SQL injection vulnerabilities in the Kose_Yazilari module for PHP-Nuke allow remote malicious users to execute arbitrary SQL commands via the artid parameter in a (1) viewarticle or (2) printpage action to modules.php.
Phpnuke Kose Yazilari Module
1 EDB exploit
NA
CVE-2008-0879
SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a viewlink action.
Phpnuke Web Links Module
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »