Lucene search
K

94 matches found

exploitpack
exploitpack
added 2005/04/05 12:0 a.m.14 views

PHP-Nuke 6.x7.x Downloads Module - Lid Cross-Site Scripting

PHP-Nuke 6.x7.x Downloads Module - Lid Cross-Site Scripting source: https://www.securityfocus.com/bid/13011/info It is reported that the PHP-Nuke 'Downloads' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/05 12:0 a.m.29 views

PHP-Nuke 6.x/7.x 'Downloads' Module - 'Lid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13011/info It is reported that the PHP-Nuke 'Downloads' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This problem presents itself when malicious...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/03/20 12:0 a.m.31 views

Ciamos Installation path(IHS)

IHS Iran Hackers Sabotage Public advisory by : NT [email protected] I Would Change A Default Value In CIAMOS,By Change A value In Viewcat.php I Get An Error On It Show CIAMOS Installation Path. Tested In Ciamos 0.9.2 RC1 ------------------------------------------- Going To CIAMOS And Downloads OR...

1AI score
Exploits0
securityvulns
securityvulns
added 2005/03/01 12:0 a.m.27 views

[SECURITYREASON.COM] PostNuke SQL Injection 0.760-RC2=>x cXIb8O3.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.760-RC2=x cXIb8O3.3 Author: cXIb8O3Maksymilian Arciemowicz Date: 20.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2005/03/01 12:0 a.m.43 views

postnukeSQL0760-2.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.760-RC2=x cXIb8O3.3 Author: cXIb8O3Maksymilian Arciemowicz Date: 20.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

7.4AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.17 views

CVE-2004-2752

Cross-site scripting XSS vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action...

4.3CVSS5.9AI score0.01022EPSS
Exploits0References3
NVD
NVD
added 2004/05/05 4:0 a.m.23 views

CVE-2004-1999

Cross-site scripting XSS vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to inject arbitrary HTML and web script via the 1 ttitle or 2 sid parameters to modules.php...

4.3CVSS5.8AI score0.01255EPSS
Exploits1References4
NVD
NVD
added 2004/05/05 4:0 a.m.12 views

CVE-2004-2000

SQL injection vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the 1 orderby or 2 sid parameters to modules.php...

7.5CVSS8.2AI score0.01868EPSS
Exploits1References8
NVD
NVD
added 2004/04/21 4:0 a.m.14 views

CVE-2004-1957

Multiple cross-site scripting XSS vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the 1 lid and query parameters to the Downloads module, 2 query parameter to the Weblinks module, or 3 hlpfile parameter to openwindow.php...

2.6CVSS5.8AI score0.0459EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2004/04/21 12:0 a.m.37 views

PostNuke Phoenix 0.726 - 'openwindow.php?hlpfile' Cross-Site Scripting

source: https://www.securityfocus.com/bid/10191/info Multiple vulnerabilities were reported to exist in PostNuke Phoenix. The following specific vulnerabilities were reported: - Multiple path disclosure vulnerabilities that occur when a user directly requests scripts in the "/includes/blocks/" an...

7.4AI score
Exploits0
NVD
NVD
added 2003/12/31 5:0 a.m.15 views

CVE-2003-1210

Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the 1 lid parameter to the getit function or the 2 min parameter to the search function...

7.5CVSS8.7AI score0.05365EPSS
Exploits1References3
securityvulns
securityvulns
added 2003/08/12 12:0 a.m.17 views

Chatserver - XSS ( push )

PostNuke Downloads & WebLinks ttitle variable XSS ------ Product: PostNuke Vendor: PostNuke WWW.POSTNUKE.COM http://www.POSTNUKE.COM Versions Vulnerable: PostNuke Phoenix 0.7.x.x Phoenix 0.7.2.3 with patches in all versions Phoenix 0.7.2.3 without patches in all versions 0.7.2.1 All prior version...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2003/08/12 12:0 a.m.42 views

PostNuke Downloads & Web_Links ttitle variable XSS

PostNuke Downloads & WebLinks ttitle variable XSS ------ Product: PostNuke Vendor: PostNuke WWW.POSTNUKE.COM http://www.POSTNUKE.COM Versions Vulnerable: PostNuke Phoenix 0.7.x.x Phoenix 0.7.2.3 with patches in all versions Phoenix 0.7.2.3 without patches in all versions 0.7.2.1 All prior version...

1.1AI score
Exploits0
exploitpack
exploitpack
added 2003/05/13 12:0 a.m.25 views

PHP-Nuke 6.5 (Multiple Downloads Module) - SQL Injection

PHP-Nuke 6.5 Multiple Downloads Module - SQL Injection source: https://www.securityfocus.com/bid/7588/info PHP-Nuke is reportedly prone to multiple SQL injection vulnerabilities in the Downloads module. Exploitation could allow for injection of malicious SQL syntax, resulting in modification of S...

0.2AI score
Exploits0
Rows per page
Query Builder