Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
francisco burzi php-nuke 4.4 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2001-0320
bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote malicious users to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a malformed username argument.
Francisco Burzi Php-nuke 4.0.4
Francisco Burzi Php-nuke 4.4
755
VMScore
CVE-2002-0206
index.php in Francisco Burzi PHP-Nuke 5.3.1 and previous versions, and possibly other versions prior to 5.5, allows remote malicious users to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.
Francisco Burzi Php-nuke 1.0
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 4.3
Francisco Burzi Php-nuke 4.4
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 4.4.1a
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 2.5
Francisco Burzi Php-nuke 3.0
Francisco Burzi Php-nuke 4.0
Francisco Burzi Php-nuke 5.2
Francisco Burzi Php-nuke 5.2a
1 EDB exploit
668
VMScore
CVE-2001-0001
cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie.
Francisco Burzi Php-nuke 4.4
650
VMScore
CVE-2004-0269
SQL injection vulnerability in PHP-Nuke 6.9 and previous versions, and possibly 7.x, allows remote malicious users to inject arbitrary SQL code and gain sensitive information via (1) the category variable in the Search module or (2) the admin variable in the Web_Links module.
Francisco Burzi Php-nuke 1.0
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.6
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 2.5
Francisco Burzi Php-nuke 3.0
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 5.2
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 4.0
Francisco Burzi Php-nuke 4.3
Francisco Burzi Php-nuke 5.2a
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 4.4
Francisco Burzi Php-nuke 4.4.1a
Francisco Burzi Php-nuke 5.4
2 EDB exploits
505
VMScore
CVE-2002-2032
sql_layer.php in PHP-Nuke 5.4 and previous versions does not restrict access to debugging features, which allows remote malicious users to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php.
Francisco Burzi Php-nuke 4.0
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 4.3
Francisco Burzi Php-nuke 1.0
Francisco Burzi Php-nuke 4.4
Francisco Burzi Php-nuke 2.5
Francisco Burzi Php-nuke 3.0
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 5.4
Francisco Burzi Php-nuke 5.2a
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.2
Francisco Burzi Php-nuke 4.4.1a
1 EDB exploit
505
VMScore
CVE-2001-0383
banners.php in PHP-Nuke 4.4 and previous versions allows remote malicious users to modify banner ad URLs by directly calling the Change operation, which does not require authentication.
Francisco Burzi Php-nuke
1 EDB exploit
440
VMScore
CVE-2001-1524
Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and storyext pa...
Francisco Burzi Php-nuke 3.0
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 5.2a
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 4.0
Francisco Burzi Php-nuke 4.3
Francisco Burzi Php-nuke 4.4
Francisco Burzi Php-nuke 4.4.1a
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.2
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started