11 matches found
EUVD-2005-3435
Malware in sbrugna...
EUVD-2006-0513
Malware in sbrugna...
EUVD-2005-3304
Malware in sbrugna...
CVE-2006-4480
CVE-2006-4480 affects Nuked-Klan 1.7 SP4.3. The issue is an incomplete blacklist in the nk_CSS function (nuked.php) that can bypass anti‑XSS protections, allowing remote attackers to inject arbitrary script/HTML via a JavaScript payload in an attribute value not covered by the blacklist (demonstr...
Nuked Klan 1.7 SP4.3 : Function Anti-XSS Bypassed
// - BEGIN - // By Blwood // http://blwood.net http://blwood.net/ We can bypassed the function anti-xss called nkCSS nuked.php using like this : b id="blwood" style="width:expressionalert' http://www.blwood.net' http://www.blwood.net272929/"/b Here is the function : function nkCSS$str if $str != ...
Nuked Klan 1.7 SP4.3 : Function Anti-XSS Bypassed
// - BEGIN - // By Blwood // http://blwood.net http://blwood.net/ We can bypassed the function anti-xss called nkCSS nuked.php using like this : b id="blwood" style="width:expressionalert' http://www.blwood.net' http://www.blwood.net272929/"/b Here is the function : function nkCSS$str if $str != ...
CVE-2006-0506
Cross-site scripting XSS vulnerability in index.php in Nuked-klaN 1.7 allows remote attackers to inject arbitrary web script or HTML via the letter parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Nuked-klaN 1.7 allows remote attackers to inject arbitrary web script or HTML via the letter parameter...
CVE-2006-0506
Cross-site scripting XSS vulnerability in index.php in Nuked-klaN 1.7 allows remote attackers to inject arbitrary web script or HTML via the letter parameter...
CVE-2006-0506
CVE-2006-0506 is an XSS vulnerability in Nuked-klaN 1.7, exploitable via the letter parameter in index.php. The issue arises from insufficient input sanitization, allowing remote attackers to inject arbitrary script or HTML. The entry is corroborated by multiple sources (NVD records and CVE listi...
CVE-2005-3305
Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote attackers to execute arbitrary SQL commands via the 1 forumid or 2 threadid parameter in the Forum file, 3 the linkid in the Links file, 4 the artid parameter in the Sections file, and 5 the dlid parameter in the Download file...