23 matches found
EUVD-2004-1813
Malware in sbrugna...
EUVD-2004-1814
Malware in sbrugna...
PHP-Nuke 4nAlbum Module 0.92 - 'pid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28162/info The 4nAlbum module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
WarpSpeed 4nAlbum Module 0.92 nmimage.php z Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is an information disclosure issue with the...
WarpSpeed 4nAlbum Module 0.92 displaycategory.php basepath Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is an information disclosure issue with the...
WarpSpeed 4nAlbum Module 0.92 modules.php gid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is an information disclosure issue with the...
PHP-Nuke 4nAlbum Module 0.92 - pid SQL Injection
PHP-Nuke 4nAlbum Module 0.92 - pid SQL Injection source: https://www.securityfocus.com/bid/28162/info The 4nAlbum module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue coul...
PHP-Nuke 4nAlbum Module 0.92 - 'pid' SQL Injection
source: https://www.securityfocus.com/bid/28162/info The 4nAlbum module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application...
CVE-2004-1818
CVE-2004-1818 describes a cross-site scripting (XSS) vulnerability in the nmimage.php script of 4nalbum 0.92 running on PHP-Nuke 6.5–7.0. Attackers can inject arbitrary script via the z parameter to execute code in the context of other users. The provided documents do not specify exploit details,...
CVE-2004-1819
CVE-2004-1819 affects 4nalbum 0.92 running with PHP-Nuke 6.5–7.0. The issue is an information disclosure via a direct request to displaycategory.php, where an error message reveals the filesystem path. This results in partial confidentiality impact (information disclosure). The connected document...
CVE-2004-1820
The CVE-2004-1820 entry concerns PHP remote file inclusion in displaycategory.php of 4nalbum 0.92 running on PHP-Nuke 6.5–7.0. The underlying flaw allows an attacker to cause arbitrary PHP code execution by altering the basepath parameter to point to a URL on a remote web server that serves fileF...
CVE-2004-1821
CVE-2004-1821 describes an SQL injection vulnerability in the PHP-Nuke module 4nalbum 0.92, affecting versions 6.5 through 7.0. The issue arises from the gid parameter, enabling remote attackers to perform unauthorized database operations or gain privileges. Public references in CVE records conso...
CVE-2004-1821
SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to gain privileges or perform unauthorized database operations via the gid parameter...
CVE-2004-1819
4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to obtain sensitive information via a direct request to displaycategory.php, which reveals the path in an error message...
CVE-2004-1820
PHP remote file inclusion vulnerability in displaycategory.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary PHP code by modifying the basepath parameter to reference a URL on a remote web server that contains fileFunctions.php...
waraxe-2004-SA006.txt
================================================================================ waraxe-2004-SA006 ================================================================================ Multiple vulnerabilities in 4nalbum module for PhpNuke...
[waraxe-2004-SA#006 - Multiple vulnerabilities in 4nalbum module for PhpNuke]
================================================================================ waraxe-2004-SA006 ================================================================================ Multiple vulnerabilities in 4nalbum module for PhpNuke...
CVE-2004-1818
Cross-site scripting XSS vulnerability in nmimage.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary script as other users by injecting arbitrary script into the z parameter...
CVE-2004-1819
4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to obtain sensitive information via a direct request to displaycategory.php, which reveals the path in an error message...
CVE-2004-1821
SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to gain privileges or perform unauthorized database operations via the gid parameter...