CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action...

4.3CVSS6.1AI score0.01022EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 9:18 p.m.•4 views

CVE-2005-2689

Multiple cross-site scripting XSS vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via 1 the moderate parameter to the Comments module or 2 htmltext parameter to html/user.php...

2.6CVSS6AI score0.01434EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 8:29 p.m.•2 views

CVE-2002-2015

PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter...

7.5CVSS7.8AI score0.09493EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 6:27 p.m.•4 views

CVE-2005-2690

SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php...

7.5CVSS8.6AI score0.00982EPSS

Exploits1References1

SUSE CVE•added 2023/02/15 6:16 a.m.•2 views

SUSE CVE-2006-0147

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PhpOpenChat, possibly 7 MAXdev MD-Pro, and 8 Simplog, allows remote attackers to execute arbitrary PHP...

7.5CVSS8AI score0.12773EPSS

Exploits1References4

seebug.org•added 2014/07/01 12:0 a.m.•14 views

PostNuke 0.76 RC2 Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18319/info PostNuke is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection vulnerabilities, because the application fails to properly sanitize user-supplied input. A...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•32 views

PostNuke Phoenix 0.72x Rating System Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7702/info some submissions to the rating system. Because of this, a remote attacker may be able to submit a string that causes a denial of service to legitmate users...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•32 views

PostNuke Phoenix 0.760 RC3 OP Parameter Remote Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13075/info A remote cross-site scripting vulnerability affects PostNuke. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web conten...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•28 views

PostNuke Phoenix 0.760 RC3 Module Parameter Remote Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13076/info A remote cross-site scripting vulnerability affects PostNuke. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web conten...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•31 views

PostNuke Phoenix 0.760 RC3 SID Parameter Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13077/info A remote SQL Injection vulnerability affects PostNuke Phoenix. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•21 views

PHP-Wiki 1.2/1.3 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5254/info PHP-Wiki does not sufficiently sanitize HTML from URI parameters, making it prone to cross-site scripting attacks. An attacker may exploit this condition by enticing users to visit a malicious link which contain...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•12 views

PostNuke 0.703 caselist Arbitrary Module Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4381/info PostNuke is a content management system originally forked from the PHP-Nuke project. It is implemented in PHP, and available for Windows, Linux and other Unix based systems. A vulnerability has been reported in...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•14 views

Michael Schatz Books 0.54/0.6 PostNuke Module Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5882/info Books is a module written for PostNuke. Reportedly, Books is prone to cross site scripting attacks. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link containing HTML...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by