Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-nuke vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-3512
SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php.
Php Nuke Kleinanzeigen Module
1 EDB exploit
695
VMScore
CVE-2007-1061
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and previous versions, when the "HTTP Referers" block is enabled, allows remote malicious users to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).
Francisco Burzi Php-nuke
3 EDB exploits
668
VMScore
CVE-2001-1032
admin.php in PHP-Nuke 5.2 and previous versions, except 5.0RC1, does not check login credentials for upload operations, which allows remote malicious users to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload par...
Francisco Burzi Php-nuke
668
VMScore
CVE-2006-3598
SQL injection vulnerability in the Sections module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the artid parameter in a viewarticle op.
Php-nuke Sections Module
454
VMScore
CVE-2007-5032
Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote malicious users to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.
Francisco Burzi Php-nuke
505
VMScore
CVE-2001-0383
banners.php in PHP-Nuke 4.4 and previous versions allows remote malicious users to modify banner ad URLs by directly calling the Change operation, which does not require authentication.
Francisco Burzi Php-nuke
1 EDB exploit
685
VMScore
CVE-2008-0461
SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of t...
Francisco Burzi Php-nuke
1 EDB exploit
505
VMScore
CVE-2007-3332
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote malicious users to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload action.
Php-nuke Satel Lite
1 EDB exploit
445
VMScore
CVE-2011-3784
Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files.
Phpnuke Php-nuke 8.0
755
VMScore
CVE-2009-1842
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to execute arbitrary SQL commands via the HTTP Referer header.
Phpnuke Php-nuke 8.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »