Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpnuke vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-1602
PHP remote file inclusion vulnerability in includes/functions_common.php in the VWar Account module (vWar_Account) in PHPNuke Clan 3.0.1 allows remote malicious users to include arbitrary files via a URL in the vwar_root2 parameter. NOTE: it is possible that this issue stems from...
Phpnuke-clan Phpnuke-clan 3.0.1
578
VMScore
CVE-2003-1340
Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote malicious users to execute arbitrary SQL commands via an aid (admin) cook...
Phpnuke Php-nuke 6.5
Phpnuke Php-nuke 5.6
755
VMScore
CVE-2014-3934
SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote malicious users to execute arbitrary SQL commands via the topics[] parameter to modules.php.
Phpnuke Php-nuke 8.3
Phpnuke Submit News Module -
1 EDB exploit
755
VMScore
CVE-2010-5083
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote malicious users to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
Phpnuke Php-nuke 8.0
Phpnuke Web Links Module -
1 EDB exploit
685
VMScore
CVE-2006-4563
Cross-site scripting (XSS) vulnerability in the MyHeadlines prior to 4.3.2 module for PHP-Nuke allows remote malicious users to inject arbitrary web script or HTML via the myh_op parameter to modules.php.
Phpnuke Myheadlines
1 EDB exploit
755
VMScore
CVE-2008-0827
SQL injection vulnerability in the Books module of PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Phpnuke Book
1 EDB exploit
755
VMScore
CVE-2008-6779
SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.
Phpnuke Sarkilar Module
1 EDB exploit
685
VMScore
CVE-2004-1842
Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x up to and including 7.1.0 allows remote malicious users to gain administrative privileges via an img tag with a URL to admin.php.
Phpnuke Php-nuke
1 EDB exploit
755
VMScore
CVE-2008-1220
SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote malicious users to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Phpnuke 4nchat 0.91
1 EDB exploit
383
VMScore
CVE-2007-1519
Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-3948.
Phpnuke Php-nuke
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »