Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
janek vind vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1912
The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php scripts in NukeCalendar 1.1.a, as used in PHP-Nuke, allow remote malicious users to obtain sensitive information via a URL with an invalid argument, which reveals the full path in ...
Francisco Burzi Php-nuke 8.0 Final
Shiba-design Nukecalendar 1.1.a
4 EDB exploits
NA
CVE-2004-0322
Multiple cross-site scripting (XSS) vulnerabilities in XMB 1.8 Final SP2 allow remote malicious users to execute arbitrary script as other users via the (1) member parameter in member.php, (2) uid parameter in u2uadmin.php, (3) user parameter in editprofile.php, (4) an onmouseove...
Xmb Forum Xmb 1.8 Sp1
Xmb Forum Xmb 1.8
Xmb Forum Xmb 1.8 Sp2
3 EDB exploits
NA
CVE-2007-2339
Multiple SQL injection vulnerabilities in Phorum prior to 5.1.22 allow remote malicious users to execute arbitrary SQL commands via (1) a modified recipients parameter name in (a) pm.php; (2) the curr parameter to the (b) badwords (aka censorlist) or (c) banlist module in admin.p...
Phorum Phorum
3 EDB exploits
NA
CVE-2004-2040
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote malicious users to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg ...
E107 E107 0.6 15
E107 E107 0.6 15a
2 EDB exploits
NA
CVE-2004-1911
Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote malicious users to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php.
Azerbaijan Development Group Azdgdating 2.1.1
2 EDB exploits
NA
CVE-2007-2248
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Phorum prior to 5.1.22 allow remote malicious users to inject arbitrary web script or HTML via the (1) group_id parameter in the groups module or (2) the smiley_id parameter in the smileys modsettings module.
Phorum Phorum
2 EDB exploits
NA
CVE-2004-1817
Cross-site scripting (XSS) vulnerability in modules.php in Php-Nuke 7.1.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) Your Name field, (2) e-mail field, (3) nicname field, (4) fname parameter, (5) ratenum parameter, or (6) search field.
Francisco Burzi Php-nuke 7.1
1 EDB exploit
NA
CVE-2004-1821
SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 up to and including 7.0 allows remote malicious users to gain privileges or perform unauthorized database operations via the gid parameter.
Warpspeed 4nalbum Module 0.92
1 EDB exploit
NA
CVE-2004-1830
error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote malicious users to obtain sensitive information via an invalid (1) language, (2) newlang, or (3) lang parameter, which leaks the pathname in a PHP error message.
Francisco Burzi Php-nuke 6.0
1 EDB exploit
NA
CVE-2004-1913
Cross-site scripting (XSS) vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote malicious users to inject arbitrary web script or HTML via the eid parameter.
Francisco Burzi Php-nuke 8.0 Final
Shiba-design Nukecalendar 1.1.a
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »