Lucene search
+L

33 matches found

CVE
CVE
added 2005/08/04 4:0 a.m.47 views

CVE-2004-2293

PHP-Nuke 6.0–7.3 is affected by multiple XSS flaws in the Encyclopedia module (via the eid parameter or the module query), in Reviews module via the preview_review function (parameters: url, cover, rlanguage, hits), and in Reviews via savecomment (uname parameter). Root cause: improper handling o...

4.3CVSS6.1AI score0.01973EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2005/08/04 4:0 a.m.48 views

CVE-2004-2296

CVE-2004-2296 affects the PHP-Nuke Reviews module (versions 6.0–7.3) where the preview_review function on Windows allows a remote attacker to obtain sensitive information by supplying an invalid date parameter, which triggers an error message. The vulnerability is described as a potential partial...

5CVSS6.6AI score0.01708EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2005/05/02 4:0 a.m.10 views

CVE-2005-1050

The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message...

5CVSS6.3AI score0.01425EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/04/12 4:0 a.m.26 views

CVE-2005-1050

The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message...

6.3AI score0.01425EPSS
Exploits0References4
CVE
CVE
added 2005/04/12 4:0 a.m.51 views

CVE-2005-1050

CVE-2005-1050 affects PostNuke 0.760-RC3 in the Reviews module’s modload op. The vulnerability allows remote attackers to disclose sensitive information by supplying an invalid id parameter, causing a PHP error message that reveals the path. The NVD entry rates impact as Partial Confidentiality w...

5CVSS6.7AI score0.01425EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.17 views

CVE-2004-2297

The Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to cause a denial of service CPU and memory consumption via a large, out-of-range score parameter...

5CVSS6.6AI score0.03634EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2004/08/02 12:0 a.m.19 views

PostNuke Reviews Module title Parameter XSS

The remote host is running a version of PostNuke that contains the 'Reviews' module, which itself is vulnerable to a cross-site scripting issue. An attacker may use this flaw to steal the cookies of the legitimate users of this website. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.6AI score
Exploits0
Exploit DB
Exploit DB
added 2004/07/26 12:0 a.m.26 views

PostNuke 0.72/0.75 Reviews Module - Cross-Site Scripting

source: https://www.securityfocus.com/bid/10802/info PostNuke is reported prone to a cross-site scripting vulnerability. This issue affects the 'title' parameter of 'Reviews' script. Exploitation of this issue could allow for theft of cookie-based authentication credentials. Other attacks are als...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/06/11 12:0 a.m.24 views

PHP-Nuke 6.x/7.x Reviews Module - 'order' SQL Injection

source: https://www.securityfocus.com/bid/10524/info PHP-Nuke is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data. The following specific issues can affect the application: PHP-Nuke is prone to multiple cross-site scripting vulnerabilities...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/06/11 12:0 a.m.27 views

PHP-Nuke 6.x/7.x Reviews Module - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/10524/info PHP-Nuke is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data. The following specific issues can affect the application: PHP-Nuke is prone to multiple cross-site scripting vulnerabilities...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/06/11 12:0 a.m.22 views

PHP-Nuke 6.x7.x Reviews Module - order SQL Injection

PHP-Nuke 6.x7.x Reviews Module - order SQL Injection source: https://www.securityfocus.com/bid/10524/info PHP-Nuke is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data. The following specific issues can affect the application: PHP-Nuke is...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2004/02/09 12:0 a.m.23 views

PHP-Nuke 6.x/7.x 'Reviews' Module - Cross-Site Scripting

source: https://www.securityfocus.com/bid/9613/info It has been reported that the PHP-Nuke module 'Reviews' is prone to a cross-site scripting vulnerability. The issue arises due to the module failing to properly sanitize user-supplied information. This could allow for execution of hostile HTML a...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/02/09 12:0 a.m.13 views

PHP-Nuke 6.x7.x Reviews Module - Cross-Site Scripting

PHP-Nuke 6.x7.x Reviews Module - Cross-Site Scripting source: https://www.securityfocus.com/bid/9613/info It has been reported that the PHP-Nuke module 'Reviews' is prone to a cross-site scripting vulnerability. The issue arises due to the module failing to properly sanitize user-supplied...

6.8AI score
Exploits0
Rows per page
Query Builder