18 matches found
EUVD-2004-2000
Malware in sbrugna...
EUVD-2004-1999
Malware in sbrugna...
EUVD-2004-2001
Malware in sbrugna...
Adam Webb NukeJokes 1.7/2.0 Module modules.php jokeid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10306/info It has been reported that the NukeJokes module is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input...
Adam Webb NukeJokes 1.7/2.0 Module Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10306/info It has been reported that the NukeJokes module is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input...
CVE-2004-2008
CVE-2004-2008 describes an SQL injection in modules.php of NukeJokes 1.7 and 2 Beta , allowing remote attackers to modify/execute SQL via the jokeid parameter. The vulnerability arises from unsafely incorporated input in the query, enabling data disclosure or modification depending on the backend...
CVE-2004-2009
NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via 1 a direct call to mainfunctions.php, 2 an invalid jokeid parameter in a JokeView function or 3 an invalid cat parameter in a CatView function, which reveals the path in a PHP error message...
CVE-2004-2008
SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter...
CVE-2004-2007
Cross-site scripting XSS vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to inject arbitrary HTML or web script via the 1 cat parameter in a CatView function or 2 jokeid parameter in a JokeView function...
CVE-2004-2007
CVE-2004-2007 describes a cross-site scripting (XSS) vulnerability in modules.php for NukeJokes 1.7 and 2 Beta. The flaw allows remote attackers to inject arbitrary HTML or web script via (1) the cat parameter in CatView or (2) the jokeid parameter in JokeView. This is a client-side script inject...
CVE-2004-2009
CVE-2004-2009 concerns NukeJokes versions 1.7 and 2 Beta. The vulnerability allows remote attackers to reveal the server’s full filesystem path through PHP error messages triggered by: (1) a direct request to mainfunctions.php, (2) an invalid jokeid parameter in JokeView, or (3) an invalid cat pa...
[waraxe-2004-SA#028 - Multiple vulnerabilities in NukeJokes module for PhpNuke]
================================================================================ waraxe-2004-SA028 ================================================================================ Multiple vulnerabilities in NukeJokes module for PhpNuke...
waraxe-2004-SA028.txt
================================================================================ waraxe-2004-SA028 ================================================================================ Multiple vulnerabilities in NukeJokes module for PhpNuke...
CVE-2004-2007
Cross-site scripting XSS vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to inject arbitrary HTML or web script via the 1 cat parameter in a CatView function or 2 jokeid parameter in a JokeView function...
CVE-2004-2008
SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter...
CVE-2004-2009
NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via 1 a direct call to mainfunctions.php, 2 an invalid jokeid parameter in a JokeView function or 3 an invalid cat parameter in a CatView function, which reveals the path in a PHP error message...
Adam Webb NukeJokes 1.72.0 Module - Multiple Cross-Site Scripting Vulnerabilities
Adam Webb NukeJokes 1.72.0 Module - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/10306/info It has been reported that the NukeJokes module is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to...
Adam Webb NukeJokes 1.7/2.0 Module - 'modules.php?jokeid' SQL Injection
source: https://www.securityfocus.com/bid/10306/info It has been reported that the NukeJokes module is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. Multiple SQL injection issues exists du...