Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-nuke vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-5494
Multiple PHP remote file inclusion vulnerabilities in modules/My_eGallery/public/displayCategory.php in the pandaBB module for PHP-Nuke allow remote malicious users to execute arbitrary PHP code via a URL in the (1) adminpath or (2) basepath parameters. NOTE: this issue might ove...
Phpnuke Php-nuke 8.0
1 EDB exploit
755
VMScore
CVE-2008-0922
SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
Php-nuke Manuales 0.1
1 EDB exploit
668
VMScore
CVE-2006-3598
SQL injection vulnerability in the Sections module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the artid parameter in a viewarticle op.
Php-nuke Sections Module
685
VMScore
CVE-2008-0461
SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of t...
Francisco Burzi Php-nuke
1 EDB exploit
760
VMScore
CVE-2007-1034
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and previous versions module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
Php-nuke Emporium Module
2 EDB exploits
755
VMScore
CVE-2009-1842
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to execute arbitrary SQL commands via the HTTP Referer header.
Phpnuke Php-nuke 8.0
1 EDB exploit
445
VMScore
CVE-2011-3784
Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files.
Phpnuke Php-nuke 8.0
505
VMScore
CVE-2007-3332
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote malicious users to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload action.
Php-nuke Satel Lite
1 EDB exploit
668
VMScore
CVE-2001-1032
admin.php in PHP-Nuke 5.2 and previous versions, except 5.0RC1, does not check login credentials for upload operations, which allows remote malicious users to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload par...
Francisco Burzi Php-nuke
755
VMScore
CVE-2007-0309
SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Francisco Burzi Php-nuke
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »