CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

536 matches found

securityvulns•added 2002/07/18 12:0 a.m.•26 views

Wiki module postnuke Cross Site Scripting Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------- Class : input Validation Error Risk : Due to the simplicity of the attack and the number of sites that run phpwiki, the risk is classified as Medium to High. -...

7.1AI score

Exploits0

securityvulns•added 2002/04/24 12:0 a.m.•41 views

Crossite scripting in PHPNuke/PostNUKE

No description provided...

1.2AI score

Exploits0References12Affected Software1

exploitpack•added 2002/03/28 12:0 a.m.•21 views

PostNuke 0.703 - caselist Arbitrary Module Include

PostNuke 0.703 - caselist Arbitrary Module Include source: https://www.securityfocus.com/bid/4381/info PostNuke is a content management system originally forked from the PHP-Nuke project. It is implemented in PHP, and available for Windows, Linux and other Unix based systems. A vulnerability has...

Exploits0

securityvulns•added 2002/03/28 12:0 a.m.•31 views

postnuke v 0.7.0.3 remote command execution

post nuke is one of popular content management system written in php . there are bug in file user.php line 107 which user can append $caselist array with their own value. foreach $caselist as $k=$v $ModName = $v'module'; include "$vpath/$k"; $caselist = array;...

0.4AI score

Exploits0

Exploit DB•added 2002/03/28 12:0 a.m.•23 views

PostNuke 0.703 - caselist Arbitrary Module Include

source: https://www.securityfocus.com/bid/4381/info PostNuke is a content management system originally forked from the PHP-Nuke project. It is implemented in PHP, and available for Windows, Linux and other Unix based systems. A vulnerability has been reported in some versions of PostNuke...

7AI score

Exploits0

securityvulns•added 2002/03/25 12:0 a.m.•21 views

PostNuke Bugged

Hi everyone, this post is 4 weeks after the original information was made available to the developers, allowing time for many effected users to patch and also the developers to fix / check newer versions. --------- rookidd found another set of vulnerabilities in postnuke, this time in version 7.0...

7.6AI score

Exploits0

securityvulns•added 2002/01/08 12:0 a.m.•30 views

CrossSiteScripting PostNuke.

http://www.testnuke.com/modules.php?op=modload&name=Downloads&file=index&req=viewdownloaddetails&lid=2&ttitle=3Cscript3Ealertdocument.location3C/script3E...

0.2AI score

Exploits0

NVD•added 2001/12/31 5:0 a.m.•14 views

CVE-2001-1521

Cross-site scripting XSS vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter...

2.6CVSS5.7AI score0.01171EPSS

Exploits0References4

securityvulns•added 2001/12/03 12:0 a.m.•22 views

Phpnuke Cross site scripting vulnerability

Hi nuke webmasters, Phpnuke cross site scripting vulnerability Affected version : 5.3.1 and prior perhaps other...perhaps all PostNuke affected too. No more explanation, it is enough with cross site scripting...i'm bored with CSS vuln ;...

0.2AI score

Exploits0

exploitpack•added 2001/12/03 12:0 a.m.•25 views

PHP-Nuke 1.02.53.04.x5.x6.x7.x - user.php?uname Cross-Site Scripting

PHP-Nuke 1.02.53.04.x5.x6.x7.x - user.php?uname Cross-Site Scripting source: https://www.securityfocus.com/bid/3609/info PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page,...

6.8AI score

Exploits0

Exploit DB•added 2001/12/03 12:0 a.m.•34 views

PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - 'user.php?uname' Cross-Site Scripting

source: https://www.securityfocus.com/bid/3609/info PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page, 'user.php', which contains malicious script code. When the link is clicked by...

7.4AI score

Exploits0

Exploit DB•added 2001/12/03 12:0 a.m.•31 views

PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - 'modules.php' Multiple Cross-Site Scripting Vulnerabilities

7.4AI score

Exploits0

securityvulns•added 2001/10/15 12:0 a.m.•55 views

Bug in PostNuke 0.62, 0.63 and 0.64 (and possibly PHPnuke)

----- IMPACT ----- If an attacker knows the username and userid of a user on a PostNuked system, it is possible to log in as the user without specifying a password. Userid/username is usually available from the Members list. A fix is available at the end of this document. ----- AFFECTED VERSIONS...

7.3AI score

Exploits0

NVD•added 2001/10/13 4:0 a.m.•12 views

CVE-2001-1460

SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter...

7.5CVSS7.8AI score0.03278EPSS

Exploits1References5

exploitpack•added 2001/10/13 12:0 a.m.•19 views

PostNuke 0.6 - User Login

PostNuke 0.6 - User Login source: https://www.securityfocus.com/bid/3435/info PostNuke, successor to PHPNuke, is a content management system written in PHP. PostNuke versions 0.62 to 0.64 suffer from a vulnerability that allows a remote user to log-in as any user with known username and ID withou...

7.4AI score

Exploits0

Exploit DB•added 2001/10/13 12:0 a.m.•34 views

PostNuke 0.6 - User Login

source: https://www.securityfocus.com/bid/3435/info PostNuke, successor to PHPNuke, is a content management system written in PHP. PostNuke versions 0.62 to 0.64 suffer from a vulnerability that allows a remote user to log-in as any user with known username and ID without authentication. The...

7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by