Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postnuke software foundation postnuke vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1996
Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.
Postnuke Software Foundation Postnuke 0.71
Postnuke Software Foundation Postnuke 0.63
Postnuke Software Foundation Postnuke 0.64
Postnuke Software Foundation Postnuke 0.703
Postnuke Software Foundation Postnuke 0.70
Postnuke Software Foundation Postnuke 0.62
Postnuke Software Foundation Postnuke 0.7
NA
CVE-2002-2015
PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote malicious users to include arbitrary files and possibly execute code via the caselist parameter.
Postnuke Software Foundation Postnuke 0.703
1 EDB exploit
NA
CVE-2002-0739
Cross-site scripting in PostCalendar 3.02 allows remote malicious users to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.
Postnuke Software Foundation Postcalendar 3.0
NA
CVE-2002-0535
Cross-site scripting vulnerabilities in PostBoard 2.0.1 and previous versions allows remote malicious users to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.
Postnuke Software Foundation Postnuke 0.71
Postboard Postboard 2.0.1
Postnuke Software Foundation Postnuke 0.64
Postnuke Software Foundation Postnuke 0.703
Postboard Postboard 2.0
Postnuke Software Foundation Postnuke 0.70
2 EDB exploits
NA
CVE-2001-1521
Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote malicious users to inject arbitrary web script or HTML via the uname parameter.
Postnuke Software Foundation Postnuke 0.63
Postnuke Software Foundation Postnuke 0.64
Postnuke Software Foundation Postnuke 0.62
NA
CVE-2001-0911
PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote malicious users to gain privileges by stealing or sniffing the cookie and decoding it.
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 5.1
Postnuke Software Foundation Postnuke 0.64
Francisco Burzi Php-nuke 5.2
NA
CVE-2001-1460
SQL injection vulnerability in article.php in PostNuke 0.62 up to and including 0.64 allows remote malicious users to bypass authentication via the user parameter.
Postnuke Software Foundation Postnuke 0.63
Postnuke Software Foundation Postnuke 0.64
Postnuke Software Foundation Postnuke 0.62
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267
XML injection
CVE-2024-37673
CVE-2024-6266
CVE-2024-30078
arbitrary
CVE-2024-36886
CVE-2024-5346
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5