Lucene search
K

5 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Nuked-Klan 1.7.5 File Parameter News Module Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26458/info Nuked-Klan is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2007/11/22 12:0 a.m.20 views

CVE-2007-6090

Cross-site scripting XSS vulnerability in index.php in Nuked-Klan 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.6AI score0.00871EPSS
Exploits2References2
Cvelist
Cvelist
added 2006/07/10 8:0 p.m.20 views

CVE-2006-3479

Cross-site request forgery CSRF vulnerability in the delblock function in modules/Admin/block.php in Nuked-Klan 1.7.5 and earlier and 1.7 SP4.2 allows remote attackers to delete arbitrary "blocks" via a link with a modified bid parameter in a delblock op on the block page in index.php...

7AI score0.01329EPSS
Exploits0References5
Prion
Prion
added 2006/03/28 8:2 p.m.19 views

Sql injection

SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php...

5CVSS9.1AI score0.0125EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/03/28 8:0 p.m.29 views

CVE-2006-1419

SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php...

8.4AI score0.0125EPSS
Exploits0References7
Rows per page
Query Builder