PHP-Nuke 7.5 - 7.8 (Search) Remote SQL Injection Exploit

No description provided by source. / | | | | | | | / | | | | | |/ \ | | --- | |----| | \ \ || | | | || / Copyright C 2006 Untruth Labs Critical sql injection in phpNuke 7.5-7.8 Exploit coded by unitedbr greetz: paulin, barros, xgc found by Janek Vind "waraxe" Original advisory:...

CVE-2005-0434

Multiple cross-site scripting XSS vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via 1 the newdownloadshowdays parameter in a NewDownloads operation or 2 the newlinkshowdays parameter in a NewLinks operation...

CVE-2005-0434

Affected product: Php-Nuke 7.5. The CVE describes multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary HTML or web script via parameters (1) newdownloadshowdays in a NewDownloads operation or (2) newlinkshowdays in a NewLinks operation. Root cause is...

CVE-2005-0433

Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to 1 db.php, 2 mainfile.php, 3 Downloads/index.php, or 4 WebLinks/index.php, which lists the path in a PHP error message...

CVE-2005-0433

Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to 1 db.php, 2 mainfile.php, 3 Downloads/index.php, or 4 WebLinks/index.php, which lists the path in a PHP error message...