Lucene search
K

536 matches found

Tenable Nessus
Tenable Nessus
added 2005/04/08 12:0 a.m.22 views

PostNuke < 0.760 RC4 Multiple Script XSS

The version of PostNuke installed on the remote host fails to properly sanitize user input through the 'op' parameter of the 'user.php' script and the 'module' parameter of the 'admin.php' script before using it in dynamically-generated content. An attacker can exploit this flaw to inject arbitra...

2.6CVSS5.9AI score0.0354EPSS
Exploits1References3
exploitpack
exploitpack
added 2005/04/08 12:0 a.m.26 views

PostNuke Phoenix 0.760 RC3 - OP Cross-Site Scripting

PostNuke Phoenix 0.760 RC3 - OP Cross-Site Scripting source: https://www.securityfocus.com/bid/13075/info A remote cross-site scripting vulnerability affects PostNuke. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2005/03/02 5:0 a.m.18 views

CVE-2005-0615

Multiple SQL injection vulnerabilities in 1 index.php, 2 modules.php, or 3 admin.php in PostNuke 0.760-RC2 allow remote attackers to execute arbitrary SQL code via the catid parameter...

8.2AI score0.01198EPSS
Exploits0References3
CVE
CVE
added 2005/03/02 5:0 a.m.51 views

CVE-2005-0615

PostNuke 0.760-RC2 is affected by multiple SQL injection vulnerabilities in index.php, modules.php, and admin.php via the catid parameter, enabling remote attackers to execute arbitrary SQL. The CVE entry CVE-2005-0615 maps to these flaws. OpenVAS/Nessus entries corroborate multiple SQL injection...

7.5CVSS8.3AI score0.01198EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2005/03/02 5:0 a.m.60 views

CVE-2005-0617

CVE-2005-0617 describes an SQL injection vulnerability in PostNuke versions 0.750 and 0.760-RC2 that allows remote attackers to execute arbitrary SQL commands via the show parameter in dl-search.php. The issue is confirmed by the NVD entry and related OpenVAS/Nessus advisories referencing PostNuk...

7.5CVSS8.3AI score0.01198EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/03/02 5:0 a.m.26 views

CVE-2005-0616

Multiple cross-site scripting XSS vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the 1 Program name, 2 File link, 3 Author name 4 Author e-mail address, 5 File size, 6 Version, or 7 Home page variables...

5.7AI score0.01164EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/03/02 5:0 a.m.17 views

CVE-2005-0617

SQL injection vulnerability in dl-search.php in PostNuke 0.750 and 0.760-RC2 allows remote attackers to execute arbitrary SQL commands via the show parameter...

8.2AI score0.01198EPSS
Exploits0References3
CVE
CVE
added 2005/03/02 5:0 a.m.48 views

CVE-2005-0616

CVE-2005-0616 describes cross-site scripting (XSS) in the PostNuke Download module for versions 0.750 and 0.760-RC2. The vulnerability affects the Download module’s handling of several input fields (Program name, File link, Author name, Author e‑mail, File size, Version, Home page), enabling remo...

4.3CVSS5.7AI score0.01164EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2005/03/02 12:0 a.m.34 views

mixedSQL.txt

Postnuke all versions + pnphpbb =1.2 sql injection - jocanor Author: Jocanor Date: 01-03-2k5 1. -----------introduction--------. Postnuke is an open source CMS content management system, originally based in php-nuke. www.postnuke.com pnphpbb is a module for postnuke based in popular forum system...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/02 12:0 a.m.29 views

PostNuke < 0.760 RC3 Multiple Vulnerabilities

Binary data 2662.prm...

7.5CVSS7.3AI score0.01198EPSS
Exploits0References5
securityvulns
securityvulns
added 2005/03/02 12:0 a.m.19 views

[SA14433] PostNuke Multiple Vulnerabilities

---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...

1.3AI score
Exploits0
securityvulns
securityvulns
added 2005/03/01 12:0 a.m.22 views

[SECURITYREASON.COM] PostNuke Critical SQL Injection 0.760-RC2=&gt;x cXIb8O3.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke Critical SQL Injection 0.760-RC2=x cXIb8O3.1 Author: cXIb8O3Maksymilian Arciemowicz Date: 15.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.760-RC2=x PostNuke is an open source, open developement...

8.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/03/01 12:0 a.m.53 views

postnukeSQL0760.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke Critical SQL Injection 0.760-RC2=x cXIb8O3.1 Author: cXIb8O3Maksymilian Arciemowicz Date: 15.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.760-RC2=x PostNuke is an open source, open developement...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/03/01 12:0 a.m.29 views

[SECURITYREASON.COM] PostNuke Critical XSS 0.760-RC2=&gt;x cXIb8O3.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke Critical XSS 0.760-RC2=x cXIb8O3.2 Author: cXIb8O3Maksymilian Arciemowicz Date: 19.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2005/03/01 12:0 a.m.26 views

[SECURITYREASON.COM] PostNuke SQL Injection 0.760-RC2=&gt;x cXIb8O3.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.760-RC2=x cXIb8O3.3 Author: cXIb8O3Maksymilian Arciemowicz Date: 20.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2005/03/01 12:0 a.m.43 views

postnukeSQL0760-2.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.760-RC2=x cXIb8O3.3 Author: cXIb8O3Maksymilian Arciemowicz Date: 20.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/03/01 12:0 a.m.29 views

[SECURITYREASON.COM] PostNuke SQL Injection 0.760-RC2=&gt;x cXIb8O3.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.760-RC2=x cXIb8O3.3 Author: cXIb8O3Maksymilian Arciemowicz Date: 20.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2005/03/01 12:0 a.m.33 views

[ Postnuke all versions + pnphpbb &lt;=1.2 sql injection - jocanor ]

Postnuke all versions + pnphpbb =1.2 sql injection - jocanor Author: Jocanor Date: 01-03-2k5 1. -----------introduction--------. Postnuke is an open source CMS content management system, originally based in php-nuke. www.postnuke.com pnphpbb is a module for postnuke based in popular forum system...

Exploits0
Packet Storm
Packet Storm
added 2005/03/01 12:0 a.m.41 views

postnukeXSS.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke Critical XSS 0.760-RC2=x cXIb8O3.2 Author: cXIb8O3Maksymilian Arciemowicz Date: 19.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/01 12:0 a.m.30 views

PostNuke <= 0.760 RC2 Multiple Vulnerabilities

The remote host is running PostNuke version 0.760 RC2 or older. These versions suffer from several vulnerabilities, among them : - SQL injection vulnerability in the News, NS-Polls and NS-AddStory modules. - SQL injection vulnerability in the Downloads module. - Cross-site scripting vulnerabiliti...

7.5CVSS5.8AI score0.01198EPSS
Exploits0References5
Rows per page
Query Builder