4 matches found
Nuke ET <= 3.4 (fckeditor) Remote Arbitrary File Upload Exploit
No description provided by source. ?php / --------------------------------------------------------------- Nuke ET = 3.4 fckeditor Remote Arbitrary File Upload Exploit --------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
Nuke ET 3.4 - 'mensaje' Parameter HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28614/info Nuke ET is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Attackers will likely require access to a user account to perform attacks. Exploiting this...
Nuke ET 3.4 - 'FCKeditor' Arbitrary File Upload
?php / --------------------------------------------------------------- Nuke ET = 3.4 fckeditor Remote Arbitrary File Upload Exploit --------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.truzone.org/ This PoC was...
Cross site scripting
Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...