Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpnuke vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1602
PHP remote file inclusion vulnerability in includes/functions_common.php in the VWar Account module (vWar_Account) in PHPNuke Clan 3.0.1 allows remote malicious users to include arbitrary files via a URL in the vwar_root2 parameter. NOTE: it is possible that this issue stems from...
Phpnuke-clan Phpnuke-clan 3.0.1
NA
CVE-2014-3934
SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote malicious users to execute arbitrary SQL commands via the topics[] parameter to modules.php.
Phpnuke Php-nuke 8.3
Phpnuke Submit News Module -
1 EDB exploit
NA
CVE-2010-5083
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote malicious users to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
Phpnuke Php-nuke 8.0
Phpnuke Web Links Module -
1 EDB exploit
NA
CVE-2003-1340
Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote malicious users to execute arbitrary SQL commands via an aid (admin) cook...
Phpnuke Php-nuke 6.5
Phpnuke Php-nuke 5.6
NA
CVE-2006-4563
Cross-site scripting (XSS) vulnerability in the MyHeadlines prior to 4.3.2 module for PHP-Nuke allows remote malicious users to inject arbitrary web script or HTML via the myh_op parameter to modules.php.
Phpnuke Myheadlines
1 EDB exploit
NA
CVE-2008-6779
SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.
Phpnuke Sarkilar Module
1 EDB exploit
NA
CVE-2008-0827
SQL injection vulnerability in the Books module of PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Phpnuke Book
1 EDB exploit
NA
CVE-2007-1519
Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-3948.
Phpnuke Php-nuke
NA
CVE-2008-1220
SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Phpnuke 4nchat 0.91
1 EDB exploit
8.8
CVSSv3
CVE-2004-1842
Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x up to and including 7.1.0 allows remote malicious users to gain administrative privileges via an img tag with a URL to admin.php.
Phpnuke Php-nuke
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »