33 matches found
CVE-2004-2293
PHP-Nuke 6.0–7.3 is affected by multiple XSS flaws in the Encyclopedia module (via the eid parameter or the module query), in Reviews module via the preview_review function (parameters: url, cover, rlanguage, hits), and in Reviews via savecomment (uname parameter). Root cause: improper handling o...
CVE-2004-2296
CVE-2004-2296 affects the PHP-Nuke Reviews module (versions 6.0–7.3) where the preview_review function on Windows allows a remote attacker to obtain sensitive information by supplying an invalid date parameter, which triggers an error message. The vulnerability is described as a potential partial...
CVE-2005-1050
The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message...
CVE-2005-1050
The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message...
CVE-2005-1050
CVE-2005-1050 affects PostNuke 0.760-RC3 in the Reviews module’s modload op. The vulnerability allows remote attackers to disclose sensitive information by supplying an invalid id parameter, causing a PHP error message that reveals the path. The NVD entry rates impact as Partial Confidentiality w...
CVE-2004-2297
The Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to cause a denial of service CPU and memory consumption via a large, out-of-range score parameter...
PostNuke Reviews Module title Parameter XSS
The remote host is running a version of PostNuke that contains the 'Reviews' module, which itself is vulnerable to a cross-site scripting issue. An attacker may use this flaw to steal the cookies of the legitimate users of this website. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
PostNuke 0.72/0.75 Reviews Module - Cross-Site Scripting
source: https://www.securityfocus.com/bid/10802/info PostNuke is reported prone to a cross-site scripting vulnerability. This issue affects the 'title' parameter of 'Reviews' script. Exploitation of this issue could allow for theft of cookie-based authentication credentials. Other attacks are als...
PHP-Nuke 6.x/7.x Reviews Module - 'order' SQL Injection
source: https://www.securityfocus.com/bid/10524/info PHP-Nuke is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data. The following specific issues can affect the application: PHP-Nuke is prone to multiple cross-site scripting vulnerabilities...
PHP-Nuke 6.x/7.x Reviews Module - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/10524/info PHP-Nuke is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data. The following specific issues can affect the application: PHP-Nuke is prone to multiple cross-site scripting vulnerabilities...
PHP-Nuke 6.x7.x Reviews Module - order SQL Injection
PHP-Nuke 6.x7.x Reviews Module - order SQL Injection source: https://www.securityfocus.com/bid/10524/info PHP-Nuke is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data. The following specific issues can affect the application: PHP-Nuke is...
PHP-Nuke 6.x/7.x 'Reviews' Module - Cross-Site Scripting
source: https://www.securityfocus.com/bid/9613/info It has been reported that the PHP-Nuke module 'Reviews' is prone to a cross-site scripting vulnerability. The issue arises due to the module failing to properly sanitize user-supplied information. This could allow for execution of hostile HTML a...
PHP-Nuke 6.x7.x Reviews Module - Cross-Site Scripting
PHP-Nuke 6.x7.x Reviews Module - Cross-Site Scripting source: https://www.securityfocus.com/bid/9613/info It has been reported that the PHP-Nuke module 'Reviews' is prone to a cross-site scripting vulnerability. The issue arises due to the module failing to properly sanitize user-supplied...