Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
francisco burzi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0907
SQL injection vulnerability in PHP-Nuke prior to 7.8 Patched 3.2 allows remote malicious users to execute arbitrary SQL commands via encoded /%2a (/*) sequences in the query string, which bypasses regular expressions that are intended to protect against SQL injection, as demonstr...
Francisco Burzi Php-nuke 7.8
NA
CVE-2006-6234
Multiple SQL injection vulnerabilities in the Content module in PHP-Nuke 6.0, and possibly other versions, allow remote malicious users to execute arbitrary SQL commands via (1) the cid parameter in a list_pages_categories action or (2) the pid parameter in a showpage action.
Francisco Burzi Php-nuke 6.0
NA
CVE-2006-1847
SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote malicious users to execute arbitrary SQL commands via the user_id parameter in the Your_Home functionality. NOTE: the provenance of this information is unknown; the details are obtained sol...
Francisco Burzi Php-nuke 7.8
NA
CVE-2005-0996
Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min paramet...
Francisco Burzi Php-nuke 7.6
NA
CVE-2005-0997
Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 7.6 allow remote malicious users to execute arbitrary SQL commands via (1) the email or url parameters in the Add function, (2) the url parameter in the modifylinkrequestS function, (3) the orderby or min...
Francisco Burzi Php-nuke 7.6
1 EDB exploit
NA
CVE-2005-1000
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular actions in the Web_Link...
Francisco Burzi Php-nuke 7.6
4 EDB exploits
NA
CVE-2001-0292
PHP-Nuke 4.4.1a allows remote malicious users to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.
Francisco Burzi Php-nuke 4.4.1a
NA
CVE-2002-1242
SQL injection vulnerability in PHP-Nuke prior to 6.0 allows remote authenticated users to modify the database and gain privileges via the "bio" argument to modules.php.
Francisco Burzi Php-nuke 5.6
1 EDB exploit
NA
CVE-2003-1526
PHP-Nuke 7.0 allows remote malicious users to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message.
Francisco Burzi Php-nuke 7.0
NA
CVE-2001-0854
PHP-Nuke 5.2 allows remote malicious users to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.
Francisco Burzi Php-nuke 5.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »