Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
francisco burzi vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-0461
SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of t...
Francisco Burzi Php-nuke
1 EDB exploit
4.3
CVSSv2
CVE-2003-0318
Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and previous versions allows remote malicious users to insert arbitrary web script via the year parameter.
Francisco Burzi Php-nuke
4.3
CVSSv2
CVE-2002-1803
Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote malicious users to inject arbitrary web script or HTML via Javascript in an IMG tag.
Francisco Burzi Php-nuke 6.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-6376
Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the filename parameter, a different vector than CVE-2006-4190. NOTE: the provenance of this informati...
Francisco Burzi Php-nuke 8.0 Final
1 EDB exploit
7.5
CVSSv2
CVE-2006-6234
Multiple SQL injection vulnerabilities in the Content module in PHP-Nuke 6.0, and possibly other versions, allow remote malicious users to execute arbitrary SQL commands via (1) the cid parameter in a list_pages_categories action or (2) the pid parameter in a showpage action.
Francisco Burzi Php-nuke 6.0
5
CVSSv2
CVE-2003-1526
PHP-Nuke 7.0 allows remote malicious users to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message.
Francisco Burzi Php-nuke 7.0
5
CVSSv2
CVE-2005-0996
Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min paramet...
Francisco Burzi Php-nuke 7.6
5
CVSSv2
CVE-2005-0998
The Web_Links module for PHP-Nuke 7.6 allows remote malicious users to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server.
Francisco Burzi Php-nuke 7.6
5
CVSSv2
CVE-2005-1001
PHP-Nuke 7.6 allows remote malicious users to obtain sensitive information via direct requests to (1) the Surveys module with the file parameter set to comments or (2) 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message.
Francisco Burzi Php-nuke 7.6
7.5
CVSSv2
CVE-2007-0372
Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote malicious users to execute arbitrary SQL commands via (1) the active parameter in admin/modules/modules.php; the (2) ad_class, (3) imageurl, (4) clickurl, (5) ad_code, or (6) position parameter in...
Francisco Burzi Php-nuke 7.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »