myPHPNuke.txt

Informations : °°°°°°°°°°°°° Language : PHP Version : 1.8.87 Website : http://www.myphpnuke.com Problems : - Upload/Copy/Include Files PHP Code/Location : °°°°°°°°°°°°°°°°°°° gallery/displayCategory.php : ------------------------------------------ ... attach;"; else die"No input file specified";...

myPHPNuke My_eGallery gallery/displayCategory.php basepath Parameter Remote File Inclusion

The remote web server appears to be running myPHPNuke. The installed version is affected by a remote file include vulnerability in the 'gallery/displayCategory.php' script. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web...

myPHPNuke phptonuke.php filnavn Parameter Traversal Arbitrary File Access

The version of myPHPNuke installed on the remote host allows anyone to read arbitrary files by passing the full filename to the 'filnavn' argument of the 'phptonuke.php' script. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Status: it was not tested against a vulnerable host, and the...

myPHPNuke 1.8.8 - links.php Cross-Site Scripting

myPHPNuke 1.8.8 - links.php Cross-Site Scripting source: https://www.securityfocus.com/bid/6892/info Reportedly, myPHPNuke 'links.php' does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link...

myphpnuke xss

Vendor: http://www.myphpnuke.com Subject: myphpnuke links.php vulnerability myphpnuke is a website portal tool written in php. There are many Cross Site Scripting issue on myphpnuke . Example: http://WEB/myphpnuke/links.php?op=MostPopular&ratenum=scr!ptalertdocument.cookie;/scr!pt&ratetype=percen...

myPHPNuke 1.8.8 - 'links.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/6892/info Reportedly, myPHPNuke 'links.php' does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code that will be executed in the...

phpmynuke css and phpinfo() vuls

myphpnuke version 1.8.8final7 and prior that contain sysinfo are vulnerable to both css attack and phpinfo Disclosure. The problem is that unlike the rest of the scripts under /admin/, sysinfo's footer script called systemfooter.php does not check who the user is. Inside systemfooter.php the...

myPHPNuke 1.8.8 - Default_Theme Cross-Site Scripting

myPHPNuke 1.8.8 - DefaultTheme Cross-Site Scripting source: https://www.securityfocus.com/bid/6544/info Reportedly, myPHPNuke does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing scrip...

myPHPNuke 1.8.8 - 'Default_Theme' Cross-Site Scripting

source: https://www.securityfocus.com/bid/6544/info Reportedly, myPHPNuke does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be executed in the browser of a...

CVE-2002-1913

phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable...