PHP-Nuke 6.5 Addon Viewpage.PHP File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7191/info PHP-Nuke has been reported prone to a file disclosure vulnerability when using the viewpage.php addon. It has been reported that PHP-Nuke may disclose arbitrary web server readable files under certain...

CVE-2004-1820

PHP remote file inclusion vulnerability in displaycategory.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary PHP code by modifying the basepath parameter to reference a URL on a remote web server that contains fileFunctions.php...

CVE-2004-1821

SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to gain privileges or perform unauthorized database operations via the gid parameter...

CVE-2004-1819

4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to obtain sensitive information via a direct request to displaycategory.php, which reveals the path in an error message...

Lot of SQL injection on PHP-Nuke 6.5 (secure weblog!)

/----------------------------------------------------------------------------- | 7 A 6 9 - A d v C: 010 |-----------------------------------------------------------------------------| | | PHP-Nuke SQL injection | -----------------------------------------------------------------------------/ |...