Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postnuke vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2007-1158
Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 up to and including 6.3.0 beta 5 module for PostNuke allows remote malicious users to read arbitrary files via a .. (dot dot) in the id parameter.
Postnuke Software Foundation Pagesetter 6.3.0
Postnuke Software Foundation Pagesetter 6.2
1 EDB exploit
755
VMScore
CVE-2007-3584
SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and previous versions for Postnuke allows remote malicious users to execute arbitrary SQL commands via the order parameter.
Postnuke Software Foundation Pnphpbb2
1 EDB exploit
685
VMScore
CVE-2008-2191
SQL injection vulnerability in the pnEncyclopedia module 0.2.0 and previous versions for PostNuke allows remote malicious users to execute arbitrary SQL commands via the id parameter in a display_term action to index.php.
Postnuke Software Foundation Pnencyclopedia
1 EDB exploit
755
VMScore
CVE-2007-3052
SQL injection vulnerability in index.php in the PNphpBB2 1.2i and previous versions module for PostNuke allows remote malicious users to execute arbitrary SQL commands via the c parameter.
Postnuke Software Foundation Pnphpbb
1 EDB exploit
668
VMScore
CVE-2002-0739
Cross-site scripting in PostCalendar 3.02 allows remote malicious users to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.
Postnuke Software Foundation Postcalendar 3.0
755
VMScore
CVE-2008-2012
SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote malicious users to execute arbitrary SQL commands via the eid parameter in an event action.
Postnuke Software Foundation Postschedule 1.0
1 EDB exploit
668
VMScore
CVE-2004-1787
SQL injection vulnerability in PostCalendar 4.0.0 allows remote malicious users to execute arbitrary SQL commands via search queries.
Postnuke Software Foundation Postcalendar 4.0.0
755
VMScore
CVE-2006-4968
PHP remote file inclusion vulnerability in includes/functions_admin.php in PNphpBB 1.2g allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Postnuke Software Foundation Pnphpbb 1.2g
1 EDB exploit
668
VMScore
CVE-2001-0911
PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote malicious users to gain privileges by stealing or sniffing the cookie and decoding it.
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 5.2
Francisco Burzi Php-nuke 5.3.1
Postnuke Software Foundation Postnuke 0.64
755
VMScore
CVE-2006-0147
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP prior to 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote ma...
Moodle Moodle 1.5.3
Postnuke Software Foundation Postnuke 0.761
The Cacti Group Cacti 0.8.6g
Mantis Mantis 0.19.4
Mantis Mantis 1.0.0 Rc4
John Lim Adodb 4.66
John Lim Adodb 4.68
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »