PT-2007-2910 · Php Nuke · Php-Nuke

Name of the Vulnerable Software and Affected Versions: PHP-Nuke versions 8.0 and earlier Description: The issue concerns a problem with cross-site request forgery CSRF protection. It does not properly validate the HTTP REFERER, allowing remote attackers to conduct CSRF attacks. Recommendations: F...

Full path disclosure and XSS in PHPNuke

-= SecurityReason-2005-SRA04 =- -= Full path disclosure and XSS in PHPNuke =- Author: sp3x Date: 3. April 2005 In Memory of John Poul II : =========================== "Love converts hearts and gives peace," - John Poul II The Great "To mio nawraca serca i daruje pokуj ludzkoci, ktуra wydaje si...