Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
francisco burzi vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-0997
Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 7.6 allow remote malicious users to execute arbitrary SQL commands via (1) the email or url parameters in the Add function, (2) the url parameter in the modifylinkrequestS function, (3) the orderby or min...
Francisco Burzi Php-nuke 7.6
1 EDB exploit
5
CVSSv2
CVE-2005-0998
The Web_Links module for PHP-Nuke 7.6 allows remote malicious users to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server.
Francisco Burzi Php-nuke 7.6
4.3
CVSSv2
CVE-2005-1000
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular actions in the Web_Link...
Francisco Burzi Php-nuke 7.6
4 EDB exploits
5
CVSSv2
CVE-2005-1001
PHP-Nuke 7.6 allows remote malicious users to obtain sensitive information via direct requests to (1) the Surveys module with the file parameter set to comments or (2) 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message.
Francisco Burzi Php-nuke 7.6
7.5
CVSSv2
CVE-2001-0001
cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie.
Francisco Burzi Php-nuke 4.4
4.3
CVSSv2
CVE-2002-1803
Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote malicious users to inject arbitrary web script or HTML via Javascript in an IMG tag.
Francisco Burzi Php-nuke 6.0
1 EDB exploit
5
CVSSv2
CVE-2001-0854
PHP-Nuke 5.2 allows remote malicious users to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.
Francisco Burzi Php-nuke 5.2
7.5
CVSSv2
CVE-2006-6234
Multiple SQL injection vulnerabilities in the Content module in PHP-Nuke 6.0, and possibly other versions, allow remote malicious users to execute arbitrary SQL commands via (1) the cid parameter in a list_pages_categories action or (2) the pid parameter in a showpage action.
Francisco Burzi Php-nuke 6.0
5
CVSSv2
CVE-2001-0321
opendir.php script in PHP-Nuke allows remote malicious users to read arbitrary files by specifying the filename as an argument to the requesturl parameter.
Francisco Burzi Php-nuke 8.0 Final
4.3
CVSSv2
CVE-2006-1846
Cross-site scripting (XSS) vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote malicious users to inject arbitrary HTML and web script via the ublock parameter, which is saved in the user's personal menu. NOTE: the provenance of this information is u...
Francisco Burzi Php-nuke 7.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »