536 matches found
PostNuke Module pnEncyclopedia <= 0.2.0 - SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV90$2008 ----------------------------------------------------------------------------------------- ECHOADV90$2008 PostNuke Module pnEncyclopedia = 0.2.0 id Blind Sql Injection...
PostNuke 0.764 Module modload SQL Injection Vulnerability
No description provided by source. PostNuke 0.764 Module modload SQL Injection Vulnerability Author : BILGEKAGAN Homepage : http://www.1923turk.com Script : postnuke http://www.postnuke.com Download : http://www.postnuke.com/module-Content-view-pid-2.html Vulnerable File...
PostNuke FormExpress Module Blind SQL Injection
No description provided by source. Date: 17/03/2010 Software Link: http://sourceforge.net/projects/pn-formexpress/ Version: 0.3.2 PostNuke ContentExpress Module Blind Sql Injection Reported by Sharif University of Technology CSIRT Vulnerability Analysis and Penetration Testing Group cert.sharif.e...
PostNuke pnFlashGames Module 1.5 - Remote SQL Injection Vulnerability
No description provided by source. ============================================================ PostNuke pnFlashGames Module v1.5 REmote SQL Injection ============================================================ Bulan: xoron xoron.biz + Love's the funeral of hearts The funeral of hearts And a ple...
PostNuke <= 0.750 readpmsg.php SQL Injection Exploit
No description provided by source. !/usr/bin/perl This tools is only for educational purpose K-C0d3r a x0n3-h4ck friend !!! This exploit should give admin nick and md5 password -= PostNuke SQL Injection version : x= 0.750=- -= =- -= Discovered by sp3x =- -= Coded by K-C0d3r =- -= irc.xoned.net...
PostNuke Module v4bJournal - Remote SQL Injection Vulnerability
No description provided by source. ---------------------------------------- PostNuke Journal ---------------------------------------- DISCOVERED BY :Ali Abbasi Olom Fonon Mazandaran University - Security Research Center, Babol, Iran Greetz For All Y! UnderGround Group Members www.2600.ir Greetz F...
PostNuke 0.72x Phoenix Glossary Module SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7697/info A vulnerability has been discovered in PostNuke Phoenix v0.723 and earlier. Specifically, the Glossary module fails to sufficiently sanitize user-supplied input, making it prone to SQL injection attacks...
PostNuke Phoenix 0.760 RC3 Module Parameter Remote Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13076/info A remote cross-site scripting vulnerability affects PostNuke. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web conten...
PostNuke 0.76 RC2 Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18319/info PostNuke is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection vulnerabilities, because the application fails to properly sanitize user-supplied input. A...
Michael Schatz Books 0.54/0.6 PostNuke Module Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5882/info Books is a module written for PostNuke. Reportedly, Books is prone to cross site scripting attacks. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link containing HTML...
PostNuke 0.72 Modules.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5809/info A cross site scripting vulnerability has been reported for PostNuke. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied HTML and script code may be...
phProfession 2.5 upload.php Direct Request Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported. Exploitation o...
PostNuke 0.703 caselist Arbitrary Module Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4381/info PostNuke is a content management system originally forked from the PHP-Nuke project. It is implemented in PHP, and available for Windows, Linux and other Unix based systems. A vulnerability has been reported in...
PHPNuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x modules.php Multiple Parameter XSS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3609/info PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page, 'user.php', which contains malicious script...
PostNuke 0.72x Members_List Module Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/7218/info Multiple path disclosure vulnerabilities have been reported in various PHP scripts used by PHP-Nuke. The issue occurs when an invalid URI parameter is passed to certain scripts. The affected scripts do not provi...
PostNuke 0.6x/0.7x Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18819/info PostNuke is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before displaying it to users of the application. An attacker may leverage these issu...
Zikula CMS 1.3.5 - Multiple Vulnerabilities
Zikula CMS 1.3.5 - Multiple Vulnerabilities Document Title: =============== Zikula CMS v1.3.5 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1114 Release Date: ============= 2013-10-16 Vulnerability Laboratory ID VL-ID:...
pykto
This plugin is a nikto port to python. It uses the scandatabase file from nikto to search for new and vulnerable URLs. The following configurable parameters exist: cgidirs admindirs nukedirs extradbfile mutatetests This plugin reads every line in the scandatabase and extradbfile and based on the...
PostNuke Module phProfession <= 1.5 SQL Injection Vulnerability
Exploit for php platform in category web applications This is private exploit. You can buy it at https://0day.today...
PostNuke pnAddressbook SQL Injection
Exploit Title: PostNuke Module pnAddressbook SQL Injection Vulnerability Date: 1/18/2012 Author: Robert Cooper Robert.Cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable parameter: id= PoC:...