Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-nuke vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1028
PHP-Nuke 6.x up to and including 7.6 allows remote malicious users to obtain sensitive information via a direct request to (1) index.php with the forum_admin parameter set, (2) the Surveys module, or (3) the Your_Account module, which reveals the path in a PHP error message.
Phpnuke Php-nuke
NA
CVE-2004-1987
picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to execute arbitrary commands via shell metacharacters in the (1) $CONFIG['impath'] or (2) $CONFIG['jpeg_qual'] parameters.
Coppermine Coppermine Photo Gallery 1.0 Rc3
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Coppermine Coppermine Photo Gallery 1.2.2 B
Francisco Burzi Php-nuke 6.9
Coppermine Coppermine Photo Gallery 1.1 .0
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Coppermine Coppermine Photo Gallery 1.2
Coppermine Coppermine Photo Gallery 1.2.1
NA
CVE-2004-1989
PHP remote file inclusion vulnerability in theme.php in Coppermine Photo Gallery 1.2.2b allows remote malicious users to execute arbitrary PHP code by modifying the THEME_DIR parameter to reference a URL on a remote web server that contains user_list_info_box.inc.
Coppermine Coppermine Photo Gallery 1.0 Rc3
Coppermine Coppermine Photo Gallery 1.1 .0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Coppermine Coppermine Photo Gallery 1.2
Francisco Burzi Php-nuke 7.2
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.2.2 B
1 EDB exploit
NA
CVE-2004-1984
Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote malicious users to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) db_input.php, (5) displayecard.php, (6) ecard.php, (7) crop.inc.php, which reveal the full...
Coppermine Coppermine Photo Gallery 1.1 .0
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Francisco Burzi Php-nuke 7.2
Coppermine Coppermine Photo Gallery 1.0 Rc3
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.1
Coppermine Coppermine Photo Gallery 1.2
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.2.2 B
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
NA
CVE-2004-1985
Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine Photo Gallery 1.2.2b allows remote malicious users to inject arbitrary HTML or web script via the CPG_URL parameter.
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.2.2 B
Coppermine Coppermine Photo Gallery 1.0 Rc3
Coppermine Coppermine Photo Gallery 1.1 .0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.1
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Coppermine Coppermine Photo Gallery 1.2
Francisco Burzi Php-nuke 7.2
1 EDB exploit
NA
CVE-2004-1986
Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter.
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Coppermine Coppermine Photo Gallery 1.2
Coppermine Coppermine Photo Gallery 1.0 Rc3
Coppermine Coppermine Photo Gallery 1.1 .0
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.2.2 B
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
1 EDB exploit
NA
CVE-2004-1988
PHP remote file inclusion vulnerability in init.inc.php in Coppermine Photo Gallery 1.2.0 RC4 allows remote malicious users to execute arbitrary PHP code by modifying the CPG_M_DIR to reference a URL on a remote web server that contains functions.inc.php.
Coppermine Coppermine Photo Gallery 1.2
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.1 .0
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Francisco Burzi Php-nuke 7.2
Coppermine Coppermine Photo Gallery 1.2.2 B
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Coppermine Coppermine Photo Gallery 1.0 Rc3
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.1
1 EDB exploit
NA
CVE-2007-5032
Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote malicious users to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.
Francisco Burzi Php-nuke
NA
CVE-2009-1842
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to execute arbitrary SQL commands via the HTTP Referer header.
Phpnuke Php-nuke 8.0
1 EDB exploit
NA
CVE-2007-0309
SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Francisco Burzi Php-nuke
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »