109 matches found
EUVD-2002-2011
Malware in sbrugna...
EUVD-2001-0292
Malware in sbrugna...
EUVD-2004-1990
Malware in sbrugna...
EUVD-2007-5648
Malware in sbrugna...
CVE-2011-3784
Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files...
CVE-2004-2294
Canonicalize-before-filter error in the sendreview function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leadin...
CVE-2002-2032
sqllayer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sqldebug parameter to 1 index.php and 2 modules.php...
CVE-2003-1526
PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as 1 ", 2 ', or 3 in the search field, which reveals the path in an error message...
Protector System 1.15 b1 index.php SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10206/info Multiple vulnerabilities were reported to exist in Protector System, which is a third-party module for PHP-Nuke. Cross-site scripting and SQL injection vulnerabilities were reported. Exploitation of these issue...
PHP NUKE ALL VERSION MULTI VULNERABILITY
Exploit Title : PHP NUKE ALL VERSION MULTI VULNERABILITY Author : Iranian Security & Research Team Discovered By : Nafsh Home : sec-lab.ir Contact : research at sec-lab dot ir Date : 23/1/2012 - 19:30 Software Link : www.phpnuke.ir Security Risk : High...
PHP-Nuke Module print 6.0 (print&sid) SQL Injection Vulnerability
No description provided by source. Author : Gamoscu Homepage : www.1923turk.com Blog : http://gamoscu.wordpress.com Script : PHP-Nuke Module print 6.0 Download : http://phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=6 Vulnerable File modules.php?name=News&file=print&sid= SQL XpL...
PHP-Nuke Friend SQL Injection
Exploit Title: PHP-Nuke 'friend.php' Module Remote SQL Injection Date: 05.05.2010 Author: CMD Contact : [email protected] Version: all version =-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-= Tested on:...
PHP-Nuke Seminars Module - Filename Local File Inclusion
PHP-Nuke Seminars Module - Filename Local File Inclusion source: https://www.securityfocus.com/bid/28089/info The PHP-Nuke 'Seminars' module is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized...
PHP-Nuke genaral print SQL Injection(id)
PHP-Nuke genaral print SQL Injectionid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl:"modules.php?name"print DORK 2 : allinurl:"modules.php?name=Hikaye" DORK : allinurl:"modules.php?name=Fikralar" DORK :...
CVE-2007-6376
CVE-2007-6376 describes a directory traversal vulnerability in the PHP-Nuke 8.0 AutoHTML module (autohtml.php). The root cause is that the filename parameter can be manipulated with a …/ path, enabling local file inclusion and arbitrary code execution on the server. The vulnerability affects PHP-...
PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting
PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting source: https://www.securityfocus.com/bid/13201/info PHP-Nuke is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this...
PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting
source: https://www.securityfocus.com/bid/13201/info PHP-Nuke is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how Web...
PHP-Nuke 6.x7.x Your_Account Module - Username Cross-Site Scripting
PHP-Nuke 6.x7.x YourAccount Module - Username Cross-Site Scripting source: https://www.securityfocus.com/bid/13007/info It is reported that the PHP-Nuke 'YourAccount' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize...
PHP-Nuke 6.x7.x Your_Account Module - Avatarcategory Cross-Site Scripting
PHP-Nuke 6.x7.x YourAccount Module - Avatarcategory Cross-Site Scripting source: https://www.securityfocus.com/bid/13010/info It is reported that the PHP-Nuke 'YourAccount' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly...
CVE-2005-0900
marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information via an invalid 1 file or 2 category parameter, which reveal the path in an error message...