Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
janek vind vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1912
The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php scripts in NukeCalendar 1.1.a, as used in PHP-Nuke, allow remote malicious users to obtain sensitive information via a URL with an invalid argument, which reveals the full path in ...
Francisco Burzi Php-nuke 8.0 Final
Shiba-design Nukecalendar 1.1.a
4 EDB exploits
NA
CVE-2004-0322
Multiple cross-site scripting (XSS) vulnerabilities in XMB 1.8 Final SP2 allow remote malicious users to execute arbitrary script as other users via the (1) member parameter in member.php, (2) uid parameter in u2uadmin.php, (3) user parameter in editprofile.php, (4) an onmouseove...
Xmb Forum Xmb 1.8 Sp1
Xmb Forum Xmb 1.8 Sp2
Xmb Forum Xmb 1.8
3 EDB exploits
NA
CVE-2007-2339
Multiple SQL injection vulnerabilities in Phorum prior to 5.1.22 allow remote malicious users to execute arbitrary SQL commands via (1) a modified recipients parameter name in (a) pm.php; (2) the curr parameter to the (b) badwords (aka censorlist) or (c) banlist module in admin.p...
Phorum Phorum
3 EDB exploits
NA
CVE-2007-2248
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Phorum prior to 5.1.22 allow remote malicious users to inject arbitrary web script or HTML via the (1) group_id parameter in the groups module or (2) the smiley_id parameter in the smileys modsettings module.
Phorum Phorum
2 EDB exploits
NA
CVE-2004-1911
Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote malicious users to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php.
Azerbaijan Development Group Azdgdating 2.1.1
2 EDB exploits
NA
CVE-2004-2040
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote malicious users to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg ...
E107 E107 0.6 15a
E107 E107 0.6 15
2 EDB exploits
NA
CVE-2004-1818
Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum 0.92 for PHP-Nuke 6.5 up to and including 7.0 allows remote malicious users to execute arbitrary script as other users by injecting arbitrary script into the z parameter.
1 EDB exploit
NA
CVE-2004-1820
PHP remote file inclusion vulnerability in displaycategory.php in 4nalbum 0.92 for PHP-Nuke 6.5 up to and including 7.0 allows remote malicious users to execute arbitrary PHP code by modifying the basepath parameter to reference a URL on a remote web server that contains fileFunc...
Warpspeed 4nalbum Module 0.92
1 EDB exploit
NA
CVE-2004-1821
SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 up to and including 7.0 allows remote malicious users to gain privileges or perform unauthorized database operations via the gid parameter.
Warpspeed 4nalbum Module 0.92
1 EDB exploit
NA
CVE-2004-1829
Multiple cross-site scripting (XSS) vulnerabilities in error.php in Gijza.net Error Manager 2.1 for PHP-Nuke 6.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) pagetitle or (2) error parameters, or (3) certain parameters in the error log.
Error Manager Php-nuke Module 2.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »