Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postnuke software foundation postnuke vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2005-0615
Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNuke 0.760-RC2 allow remote malicious users to execute arbitrary SQL code via the catid parameter.
Postnuke Software Foundation Postnuke 0.760 Rc2
668
VMScore
CVE-2005-1048
SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote malicious users to execute arbitrary SQL statements via the sid parameter. NOTE: the vendor reports that they could not reproduce the issues for 760 RC3, or for .750.
Postnuke Software Foundation Postnuke 0.760 Rc3
270
VMScore
CVE-2005-1049
Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 allow remote malicious users to inject arbitrary web script or HTML via the (1) module parameter to admin.php or (2) op parameter to user.php. NOTE: the vendor reports that certain issues could not be reproduced ...
Postnuke Software Foundation Postnuke 0.760 Rc3
2 EDB exploits
445
VMScore
CVE-2005-1050
The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote malicious users to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message.
Postnuke Software Foundation Postnuke 0.760 Rc3
694
VMScore
CVE-2006-6267
PostNuke 0.7.5.0, and certain minor versions, allows remote malicious users to obtain sensitive information via a non-numeric value of the stop parameter, which reveals the path in an error message.
Postnuke Software Foundation Postnuke 0.7.5.0
505
VMScore
CVE-2007-1158
Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 up to and including 6.3.0 beta 5 module for PostNuke allows remote malicious users to read arbitrary files via a .. (dot dot) in the id parameter.
Postnuke Software Foundation Pagesetter 6.3.0
Postnuke Software Foundation Pagesetter 6.2
1 EDB exploit
755
VMScore
CVE-2007-2492
SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment action.
Postnuke Software Foundation Postnuke V4bjournal Module 0.99
1 EDB exploit
755
VMScore
CVE-2007-3584
SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and previous versions for Postnuke allows remote malicious users to execute arbitrary SQL commands via the order parameter.
Postnuke Software Foundation Pnphpbb2
1 EDB exploit
755
VMScore
CVE-2007-3052
SQL injection vulnerability in index.php in the PNphpBB2 1.2i and previous versions module for PostNuke allows remote malicious users to execute arbitrary SQL commands via the c parameter.
Postnuke Software Foundation Pnphpbb
1 EDB exploit
685
VMScore
CVE-2008-2191
SQL injection vulnerability in the pnEncyclopedia module 0.2.0 and previous versions for PostNuke allows remote malicious users to execute arbitrary SQL commands via the id parameter in a display_term action to index.php.
Postnuke Software Foundation Pnencyclopedia
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »