Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-nuke vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-0907
SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Php-nuke Inhalt Module
1 EDB exploit
7.5
CVSSv2
CVE-2007-0309
SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Francisco Burzi Php-nuke
1 EDB exploit
7.5
CVSSv2
CVE-2007-1034
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and previous versions module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
Php-nuke Emporium Module
2 EDB exploits
4.3
CVSSv2
CVE-2003-0318
Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and previous versions allows remote malicious users to insert arbitrary web script via the year parameter.
Francisco Burzi Php-nuke
6.8
CVSSv2
CVE-2008-0461
SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of t...
Francisco Burzi Php-nuke
1 EDB exploit
5
CVSSv2
CVE-2007-3332
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote malicious users to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload action.
Php-nuke Satel Lite
1 EDB exploit
7.5
CVSSv2
CVE-2008-0922
SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
Php-nuke Manuales 0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-3512
SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php.
Php Nuke Kleinanzeigen Module
1 EDB exploit
6.8
CVSSv2
CVE-2007-1061
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and previous versions, when the "HTTP Referers" block is enabled, allows remote malicious users to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).
Francisco Burzi Php-nuke
3 EDB exploits
5
CVSSv2
CVE-2011-3784
Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files.
Phpnuke Php-nuke 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »