Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nucleus cms nucleus cms 3.22 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-6920
Cross-site scripting (XSS) vulnerability in Nucleus prior to 3.24 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors, possibly involving (1) lib/ADMIN.php and (2) lib/SKIN.php.
Nucleus Cms Nucleus Cms 3.0
Nucleus Cms Nucleus Cms 3.23
Nucleus Cms Nucleus Cms 3.1
Nucleus Cms Nucleus Cms 3.2
Nucleus Cms Nucleus Cms 3.21
Nucleus Cms Nucleus Cms 3.22
Nucleus Cms Nucleus Cms 3.0 Rc
Nucleus Cms Nucleus Cms 3.01
7.5
CVSSv2
CVE-2006-3136
Multiple PHP remote file inclusion vulnerabilities in Nucleus 3.23 allow remote malicious users to execute arbitrary PHP code via a URL the DIR_LIBS parameter in (1) path/action.php, and to files in path/nucleus including (2) media.php, (3) /xmlrpc/server.php, and (4) /xmlrpc/api...
Nucleus Group Nucleus Cms 3.0
Nucleus Group Nucleus Cms 3.23
Nucleus Group Nucleus Cms 3.0 Rc
Nucleus Group Nucleus Cms 3.1
Nucleus Group Nucleus Cms 3.21
Nucleus Group Nucleus Cms 3.22
Nucleus Group Nucleus Cms 3.0 1
Nucleus Group Nucleus Cms 3.2
5
CVSSv2
CVE-2009-0929
Directory traversal vulnerability in the media manager in Nucleus CMS prior to 3.40 allows remote malicious users to read arbitrary files via unknown vectors.
Nucleus Group Nucleus Cms 3.23
Nucleus Group Nucleus Cms 3.21
Nucleus Group Nucleus Cms
Nucleus Group Nucleus Cms 3.0
Nucleus Group Nucleus Cms 3.0 1
Nucleus Group Nucleus Cms 3.22
Nucleus Group Nucleus Cms 3.1
Nucleus Group Nucleus Cms 3.2
Nucleus Group Nucleus Cms 3.01
Nucleus Group Nucleus Cms 3.0 Rc
4.3
CVSSv2
CVE-2008-0497
Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS 3.31 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO, which is not quoted when processing PHP_SELF.
Nucleus Cms Nucleus Cms 3.31
1 EDB exploit
5.1
CVSSv2
CVE-2006-2583
PHP remote file inclusion vulnerability in nucleus/libs/PLUGINADMIN.php in Nucleus 3.22 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[DIR_LIBS] parameter.
Nucleus Group Nucleus Cms
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started