CVE-2005-3016

Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors...

CVE-2005-3016

Technical details are not publicly available in the provided documents for CVE-2005-3016. No concrete information on affected products, versions, root cause, or remediation is provided; monitor for updates.

CVE-2005-3016

Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors...

PHP-Nuke 7.8 - modules.php SQL Injection

PHP-Nuke 7.8 - modules.php SQL Injection / PHP-Nuke 4.0 coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru / // tested on 7.8 include include include include include include include define START 47 define END 103 define SZ 1024 define PORT 80 define PREFIX "nuke" define SQL...

PHP-Nuke 7.8 - 'modules.php' SQL Injection

/ PHP-Nuke 4.0 coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru / // tested on 7.8 include include include include include include include define START 47 define END 103 define SZ 1024 define PORT 80 define PREFIX "nuke" define SQL...

PHP-Nuke <= 7.8 (modules.php) SQL Injection Exploit

No description provided by source. / PHP-Nuke =7.8 SQL injection exploit need MySQL 4.0 coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru / // tested on 7.8 include stdio.h include string.h include sys/types.h include sys/socket.h include netinet/in.h include netdb.h include regex.h defi...

PHP-Nuke <= 7.8 (modules.php) SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================== PHP-Nuke 4.0 coded by 1dt.w0lf RST/GHC / // tested on 7.8 include include include include include include include define START 47 define END 103 define SZ 1024 define PORT 80 define PREFI...

[SA16843] PHP-Nuke Unspecified wysiwyg Editor Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

PHPNuke78.txt

NewAngels Advisory 7PHP Nuke sqlquery"SELECT active, view FROM ".$prefix."modules WHERE title='$name'"; The $name variable is not checked so you could inject malicious SQL Code. In an file which is included whe have the following code: $queryString = strtolower$SERVER'QUERYSTRING'; if...

PHP Nuke &lt;= 7.8 Multiple SQL Injections

NewAngels Advisory 7PHP Nuke = 7.8 Multiple SQL Injections ============================================================================= Software: PHP Nuke 7.8 Type: SQL Injections Risk: High Date: Sep. 10 2005 Vendor: PHP-Nuke phpnuke.org Credit: ======= Robin 'onkelfisch' Verton from...

PHP-Nuke

PHP-Nuke Search Cross-Site Scripting Vulnerability Vulnerable: i think all ver. data:2005-09-5 exploit : openme.htm :: html form name=searchform method=post action=http://target/modules.php?op=modload&name=SearchEnhanced&file= index input type="text" name="query" size="15" value='script...

phpnukeXSS.txt

PHP-Nuke Search Cross-Site Scripting Vulnerability Vulnerable: i think all ver. data:2005-09-5 exploit : openme.htm :: ' document.searchform.sub.click thanks , BHFH. email : [email protected]...

CVE-2004-2351

Cross-site scripting XSS vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including 1 name, 2 email, 3 city, and 4 message, which do not use the and tags, which are filtered by PHP-Nuke...

CVE-2004-2352

Cross-site scripting XSS vulnerability in GBook for PHP-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via cookies that are stored in the $COOKIE PHP variable, which is not cleansed by PHP-Nuke...

CVE-2004-2351

CVE-2004-2351 describes a cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0. Remote attackers can inject arbitrary web script or HTML through multiple user-input fields (name, email, city, message) that reportedly do not use [removed] or tags, which PHP-Nuke purportedly filters....

CVE-2004-2352

The CVE-2004-2352 entry documents a Cross-site Scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0. Affected component: GBook for PHP-Nuke 1.0; vulnerability type: XSS via cookies stored in the $_COOKIE variable that are not cleansed by PHP-Nuke. Impact: remote attackers could inject arbitrar...

CVE-2004-2354

SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting XSS attacks when MySQL errors are triggered...

CVE-2004-2354

CVE-2004-2354 describes a SQL injection vulnerability in the 4nGuestbook 0.92 module used with PHP-Nuke 6.5–6.9. The flaw allows remote attackers to modify SQL statements via the entry parameter to modules.php, with the potential to trigger MySQL errors that may enable cross-site scripting (XSS)....

postnuke0750.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.750=x cXIb8O3.5 Author: cXIb8O3 Date: 2.3.2005 from SecurityReason.Com - --- 0.Description --- PostNuke: The Phoenix Release 0.750 PostNuke is an open source, open developement content management system CMS. PostNuke started a...

CVE-2004-2295

SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to execute arbitrary SQL commands via the order parameter...