Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-nuke vulnerabilities and exploits
(subscribe to this query)
935
VMScore
CVE-2007-1626
PHP remote file inclusion vulnerability in iframe.php in the iFrame Module for PHP-NUKE allows remote malicious users to execute arbitrary PHP code via a URL in the file parameter.
Php-nuke Iframe Module
1 EDB exploit
760
VMScore
CVE-2007-1034
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and previous versions module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
Php-nuke Emporium Module
2 EDB exploits
755
VMScore
CVE-2008-0907
SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Php-nuke Inhalt Module
1 EDB exploit
755
VMScore
CVE-2009-1842
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to execute arbitrary SQL commands via the HTTP Referer header.
Phpnuke Php-nuke 8.0
1 EDB exploit
383
VMScore
CVE-2003-0318
Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and previous versions allows remote malicious users to insert arbitrary web script via the year parameter.
Francisco Burzi Php-nuke
505
VMScore
CVE-2001-0383
banners.php in PHP-Nuke 4.4 and previous versions allows remote malicious users to modify banner ad URLs by directly calling the Change operation, which does not require authentication.
Francisco Burzi Php-nuke
1 EDB exploit
454
VMScore
CVE-2007-5032
Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote malicious users to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.
Francisco Burzi Php-nuke
695
VMScore
CVE-2007-1061
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and previous versions, when the "HTTP Referers" block is enabled, allows remote malicious users to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).
Francisco Burzi Php-nuke
3 EDB exploits
755
VMScore
CVE-2007-0309
SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Francisco Burzi Php-nuke
1 EDB exploit
755
VMScore
CVE-2008-3512
SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php.
Php Nuke Kleinanzeigen Module
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »