Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

137 matches found

Prion
Prionadded 2009/01/22 11:30 a.m.8 views

Cross site scripting

Cross-site scripting XSS vulnerability in modules.php in NavBoard 16 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the module parameter...

2.6CVSS6.1AI score0.02126EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2009/01/22 11:0 a.m.38 views

CVE-2008-5944

NavBoard 16 (2.6.0) has a cross-site scripting vulnerability in modules.php exploitable via the module parameter. Per NVD, CVE-2008-5944 enables remote script injection with network access, high complexity, no authentication, and partial integrity impact; no remediation details are provided in th...

2.6CVSS5.9AI score0.02126EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2009/01/22 11:0 a.m.19 views

CVE-2008-5944

Cross-site scripting XSS vulnerability in modules.php in NavBoard 16 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the module parameter...

5.7AI score0.02126EPSS
Exploits1References4
Cvelist
Cvelistadded 2009/01/22 11:0 a.m.18 views

CVE-2008-5943

Multiple directory traversal vulnerabilities in NavBoard 16 2.6.0 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter to 1 adminmodules.php and 2 modules.php...

7.3AI score0.02967EPSS
Exploits1References4
CVE
CVEadded 2009/01/22 11:0 a.m.40 views

CVE-2008-5943

NavBoard 16 (2.6.0) contains multiple directory traversal vulnerabilities enabling remote inclusion/execution of local files via … in the module parameter to admin_modules.php or modules.php. CVSS v2 base score 7.5 (HIGH); network attack vector, low difficulty, no authentication required, partial...

7.5CVSS7.5AI score0.02967EPSS
Exploits1References4Affected Software1
NVD
NVDadded 2008/11/12 9:9 p.m.8 views

CVE-2008-5039

Cross-site scripting XSS vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php...

4.3CVSS5.8AI score0.01823EPSS
Exploits1References4
Prion
Prionadded 2008/11/12 9:9 p.m.6 views

Cross site scripting

Cross-site scripting XSS vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php...

4.3CVSS6.3AI score0.01823EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2008/11/12 8:18 p.m.18 views

CVE-2008-5039

Cross-site scripting XSS vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php...

5.8AI score0.01823EPSS
Exploits1References4
seebug.org
seebug.orgadded 2008/08/11 12:0 a.m.11 views

Gallery 'modules.php'本地文件包含漏洞

BUGTRAQ ID: 30608 CNCAN ID:CNCAN-2008081105 Gallery是一款基于PHP的图库管理程序。 Gallery不正确过滤用户提交的WEB输入,远程攻击者可以利用漏洞以WEB进程权限查看系统文件内容。 问题存在于'modules.php'脚本中,由于不正确过滤'phpEx'参数,构建包含'../'字符的数据作为URI参数,可绕过WEB ROOT限制以WEB进程权限查看系统文件内容。 Gallery Gallery 1.5.7 Gallery Gallery 1.6-alpha3 Gallery 1.5.8已经修正此漏洞:...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2008/08/11 12:0 a.m.14 views

Gallery < 1.5.8 modules.php phpEx Parameter Traversal Local File Inclusion

Binary data 4619.prm...

7.3AI score
Exploits0References1
Prion
Prionadded 2008/08/07 8:41 p.m.7 views

Sql injection

SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php...

7.5CVSS9.1AI score0.00234EPSS
Exploits0References3
Prion
Prionadded 2008/08/07 8:41 p.m.7 views

Sql injection

SQL injection vulnerability in the Book Catalog module 1.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to modules.php...

7.5CVSS9.1AI score0.01013EPSS
Exploits1References6Affected Software1
Packet Storm
Packet Stormadded 2008/08/06 12:0 a.m.22 views

phpnukeklein-sql.txt

Rbt-4 crew http://www.rbt-4.net Author : Lovebug ---------------------------- Remote Sql injection Php-Nuke module name Kleinanzeigen modules.php?name=Kleinanzeigen&aop=visit&lid=sql Exploit username :...

7.4AI score
Exploits0
Prion
Prionadded 2008/06/25 12:36 p.m.10 views

Sql injection

SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php...

7.5CVSS9.1AI score0.00541EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Stormadded 2008/05/19 12:0 a.m.38 views

phpkuran-sql.txt

Author : Lovebug Italy Rbt-4 Crew www.rbt-4.net PHP-Nuke Module KuraniKerim sid SQL Injection Bug : modules.php?name=KuraniKerim&op=TurkceNukeComIslamiModullerDestekSitesi&sid = S Q L Exploit...

7.4AI score
Exploits0
Prion
Prionadded 2008/03/17 4:44 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in the eWebsite eWeather Weather module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the chart parameter to modules.php...

4.3CVSS6.2AI score0.0029EPSS
Exploits1References4
NVD
NVDadded 2008/03/17 4:44 p.m.7 views

CVE-2008-1348

Cross-site scripting XSS vulnerability in index.php in the eWebsite eWeather Weather module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the chart parameter to modules.php...

4.3CVSS5.7AI score0.0029EPSS
Exploits1References4
Prion
Prionadded 2008/03/13 2:44 p.m.13 views

Sql injection

SQL injection vulnerability in the ZClassifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter to modules.php...

7.5CVSS9.1AI score0.00372EPSS
Exploits1References5
Packet Storm
Packet Stormadded 2008/03/13 12:0 a.m.26 views

phpnukezclass-sql.txt

----- RBT-4 crew Lovebug Italy -------- Author : Lovebug Script : PHP-Nuke Module ZClassifieds cat SQL Injection Bug : modules.php?name=ZClassifieds&cat= S Q L Exploit : -9999999//union//select//pwd,aid//from//nukeauthors/where%20admin1/ Original Advisory:...

7.4AI score
Exploits0
Positive Technologies
Positive Technologiesadded 2008/03/13 12:0 a.m.2 views

PT-2008-2906 · Php Nuke Team · Php-Nuke

Name of the Vulnerable Software and Affected Versions: PHP-Nuke ZClassifieds module affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the cat parameter in the modules.php endpoint. Recommendations: For...

7.5CVSS7.6AI score0.00372EPSS
Exploits1References7
Rows per page
Query Builder