Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
francisco burzi php-nuke vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0738
Multiple SQL injection vulnerabilities in the Search module in Php-Nuke allow remote malicious users to execute arbitrary SQL via the (1) min or (2) categ parameters.
Francisco Burzi Php-nuke 8.0 Final
NA
CVE-2001-0001
cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie.
Francisco Burzi Php-nuke 4.4
NA
CVE-2001-0292
PHP-Nuke 4.4.1a allows remote malicious users to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.
Francisco Burzi Php-nuke 4.4.1a
NA
CVE-2002-1803
Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote malicious users to inject arbitrary web script or HTML via Javascript in an IMG tag.
Francisco Burzi Php-nuke 6.0
1 EDB exploit
NA
CVE-2006-6234
Multiple SQL injection vulnerabilities in the Content module in PHP-Nuke 6.0, and possibly other versions, allow remote malicious users to execute arbitrary SQL commands via (1) the cid parameter in a list_pages_categories action or (2) the pid parameter in a showpage action.
Francisco Burzi Php-nuke 6.0
NA
CVE-2004-0736
The search module in Php-Nuke allows remote malicious users to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message.
Francisco Burzi Php-nuke 8.0 Final
NA
CVE-2001-0854
PHP-Nuke 5.2 allows remote malicious users to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.
Francisco Burzi Php-nuke 5.2
NA
CVE-2007-0372
Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote malicious users to execute arbitrary SQL commands via (1) the active parameter in admin/modules/modules.php; the (2) ad_class, (3) imageurl, (4) clickurl, (5) ad_code, or (6) position parameter in...
Francisco Burzi Php-nuke 7.9
NA
CVE-2005-0996
Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min paramet...
Francisco Burzi Php-nuke 7.6
NA
CVE-2005-0997
Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 7.6 allow remote malicious users to execute arbitrary SQL commands via (1) the email or url parameters in the Add function, (2) the url parameter in the modifylinkrequestS function, (3) the orderby or min...
Francisco Burzi Php-nuke 7.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »