Lucene search
+L

109 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2002-2011

Malware in sbrugna...

5CVSS6.3AI score0.05854EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2001-0292

Malware in sbrugna...

7.5CVSS6.4AI score0.02378EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2004-1990

Malware in sbrugna...

5CVSS6.4AI score0.01441EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2007-5648

Malware in sbrugna...

6.8CVSS6.4AI score0.02291EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 9:58 a.m.12 views

CVE-2011-3784

Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files...

5CVSS6.5AI score0.01229EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:20 p.m.6 views

CVE-2004-2294

Canonicalize-before-filter error in the sendreview function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leadin...

4.3CVSS5.3AI score0.01736EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:30 p.m.22 views

CVE-2002-2032

sqllayer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sqldebug parameter to 1 index.php and 2 modules.php...

5CVSS7.6AI score0.05854EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:41 p.m.9 views

CVE-2003-1526

PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as 1 ", 2 ', or 3 in the search field, which reveals the path in an error message...

5CVSS7AI score0.00966EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Protector System 1.15 b1 index.php SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/10206/info Multiple vulnerabilities were reported to exist in Protector System, which is a third-party module for PHP-Nuke. Cross-site scripting and SQL injection vulnerabilities were reported. Exploitation of these issue...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2012/07/11 12:0 a.m.103 views

PHP NUKE ALL VERSION MULTI VULNERABILITY

Exploit Title : PHP NUKE ALL VERSION MULTI VULNERABILITY Author : Iranian Security & Research Team Discovered By : Nafsh Home : sec-lab.ir Contact : research at sec-lab dot ir Date : 23/1/2012 - 19:30 Software Link : www.phpnuke.ir Security Risk : High...

1AI score
Exploits0
seebug.org
seebug.org
added 2010/06/18 12:0 a.m.33 views

PHP-Nuke Module print 6.0 (print&sid) SQL Injection Vulnerability

No description provided by source. Author : Gamoscu Homepage : www.1923turk.com Blog : http://gamoscu.wordpress.com Script : PHP-Nuke Module print 6.0 Download : http://phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=6 Vulnerable File modules.php?name=News&file=print&sid= SQL XpL...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/05/07 12:0 a.m.48 views

PHP-Nuke Friend SQL Injection

Exploit Title: PHP-Nuke 'friend.php' Module Remote SQL Injection Date: 05.05.2010 Author: CMD Contact : [email protected] Version: all version =-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-= Tested on:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2008/03/04 12:0 a.m.15 views

PHP-Nuke Seminars Module - Filename Local File Inclusion

PHP-Nuke Seminars Module - Filename Local File Inclusion source: https://www.securityfocus.com/bid/28089/info The PHP-Nuke 'Seminars' module is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/02/22 12:0 a.m.161 views

PHP-Nuke genaral print SQL Injection(id)

PHP-Nuke genaral print SQL Injectionid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl:"modules.php?name"print DORK 2 : allinurl:"modules.php?name=Hikaye" DORK : allinurl:"modules.php?name=Fikralar" DORK :...

0.3AI score
Exploits0
CVE
CVE
added 2007/12/15 1:0 a.m.50 views

CVE-2007-6376

CVE-2007-6376 describes a directory traversal vulnerability in the PHP-Nuke 8.0 AutoHTML module (autohtml.php). The root cause is that the filename parameter can be manipulated with a …/ path, enabling local file inclusion and arbitrary code execution on the server. The vulnerability affects PHP-...

7.5CVSS6.8AI score0.02594EPSS
Exploits1References2Affected Software1
exploitpack
exploitpack
added 2005/04/15 12:0 a.m.14 views

PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting

PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting source: https://www.securityfocus.com/bid/13201/info PHP-Nuke is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/15 12:0 a.m.23 views

PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting

source: https://www.securityfocus.com/bid/13201/info PHP-Nuke is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how Web...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/04/05 12:0 a.m.15 views

PHP-Nuke 6.x7.x Your_Account Module - Username Cross-Site Scripting

PHP-Nuke 6.x7.x YourAccount Module - Username Cross-Site Scripting source: https://www.securityfocus.com/bid/13007/info It is reported that the PHP-Nuke 'YourAccount' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2005/04/05 12:0 a.m.10 views

PHP-Nuke 6.x7.x Your_Account Module - Avatarcategory Cross-Site Scripting

PHP-Nuke 6.x7.x YourAccount Module - Avatarcategory Cross-Site Scripting source: https://www.securityfocus.com/bid/13010/info It is reported that the PHP-Nuke 'YourAccount' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly...

6.8AI score
Exploits0
NVD
NVD
added 2005/03/26 5:0 a.m.13 views

CVE-2005-0900

marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information via an invalid 1 file or 2 category parameter, which reveal the path in an error message...

5CVSS6.2AI score0.01373EPSS
Exploits0References3
Rows per page
Query Builder