EUVD-2001-0380

Malware in sbrugna...

CVE-2004-1530

SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the 1 eid or 2 cid parameters...

CVE-2004-2293

Multiple cross-site scripting XSS vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote attackers to inject arbitrary web script or HTML via the 1 eid parameter or 2 query parameter to the Encyclopedia module, 3 previewreview function in the Reviews module as demonstrated by the url, cover,...

PHP-Nuke 5.x6.x7.x - Direct Script Access Security Bypass

PHP-Nuke 5.x6.x7.x - Direct Script Access Security Bypass source: https://www.securityfocus.com/bid/10447/info PHP-Nuke is affected by a direct script access security vulnerability. This issue is due to a failure to properly validate the location and name of the file being accessed. This issue wi...

PHP-Nuke module PHP-Banner-Exchange path disclosure

------- Product: PHP-Nuke Vendor: F.Burzi Module: PHP-Banner Exchange Version: 1.2 ------- Accessing directly to the PHP Banner Exchange module and without a specified file : http://target/modules/phpbannerexchange/ phpbannerexchange module directory you get this: Warning: mainmainfile.php...

More and More SQL injection on PHP-Nuke 6.5.

/----------------------------------------------------------------------------- | 7 A 6 9 - A d v C: 011 |-----------------------------------------------------------------------------| | | PHP-Nuke SQL injection | -----------------------------------------------------------------------------/ |...

Проблема с баннерами в php-nuke (banner spoofing)

Можно удаленно поменять URL на которую ссылается баннер...