Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
francisco burzi vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-1000
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular actions in the Web_Link...
Francisco Burzi Php-nuke 7.6
4 EDB exploits
7.5
CVSSv2
CVE-2002-1242
SQL injection vulnerability in PHP-Nuke prior to 6.0 allows remote authenticated users to modify the database and gain privileges via the "bio" argument to modules.php.
Francisco Burzi Php-nuke 5.6
1 EDB exploit
4.3
CVSSv2
CVE-2006-1846
Cross-site scripting (XSS) vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote malicious users to inject arbitrary HTML and web script via the ublock parameter, which is saved in the user's personal menu. NOTE: the provenance of this information is u...
Francisco Burzi Php-nuke 7.8
7.5
CVSSv2
CVE-2005-4715
Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) name, (2) sid, and (3) pid parameters in a POST request, which bypasses security checks that are pe...
Francisco Burzi Php-nuke 7.8
5
CVSSv2
CVE-2004-1830
error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote malicious users to obtain sensitive information via an invalid (1) language, (2) newlang, or (3) lang parameter, which leaks the pathname in a PHP error message.
Francisco Burzi Php-nuke 6.0
1 EDB exploit
7.5
CVSSv2
CVE-2004-0732
SQL injection vulnerability in index.php in the Search module for Php-Nuke allows remote malicious users to execute arbitrary SQL statements via the instory parameter.
Francisco Burzi Php-nuke 8.0 Final
7.5
CVSSv2
CVE-2004-0738
Multiple SQL injection vulnerabilities in the Search module in Php-Nuke allow remote malicious users to execute arbitrary SQL via the (1) min or (2) categ parameters.
Francisco Burzi Php-nuke 8.0 Final
7.5
CVSSv2
CVE-2001-0001
cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie.
Francisco Burzi Php-nuke 4.4
7.5
CVSSv2
CVE-2006-1847
SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote malicious users to execute arbitrary SQL commands via the user_id parameter in the Your_Home functionality. NOTE: the provenance of this information is unknown; the details are obtained sol...
Francisco Burzi Php-nuke 7.8
5
CVSSv2
CVE-2001-0854
PHP-Nuke 5.2 allows remote malicious users to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.
Francisco Burzi Php-nuke 5.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »