PHP-Nuke MyHeadlines 4.3.1 Module Cross-Site Scripting Vulnerability

No description provided by source...

PHP-Nuke 'KuiraniKerim' Module - 'sid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29261/info The 'KuiraniKerim' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow ...

PHP Nuke 5.0 'user.php' Form Element Substitution Vulnerabilty

No description provided by source. source: http://www.securityfocus.com/bid/3107/info PHP-Nuke is a website creation/maintenance tool written in PHP3. If a malicious user may subtitute arbitrary values for image form elements in the PHP-Nuke User Registration Form by saving the webpage locallyas...

PHP-Nuke Book Catalog Module 1.0 'upload.php' Arbitrary File Upload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19890/info The Book Catalog module for PHP-Nuke is prone to a vulnerability that lets attackers upload arbitrary files. Exploiting this issue may allow an attacker to compromise the application and the underlying system;...

PHP-Nuke Classifieds Module - 'Details' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27930/info The Classifieds module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

PHP-Nuke 6.0 - Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/6409/info It has been discovered that multiple PHP scripts used by PHP-Nuke are vulnerable to cross-sitescripting attacks. Due to insufficient sanitization of web requests it is possible for script code to be embedded in...

PHP-Nuke Downloads Module - 'sid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27932/info The Downloads module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

PHP-Nuke 8.0 .3.3b SQL Injection Protection Bypass and Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/23528/info PHP-Nuke is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker t...

PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10595/info PHP-Nuke is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting, HTML injection, and SQL injecti...

PHP-Nuke 6.0 - Multiple Path Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/6406/info Multiple path disclosure vulnerabilities have been discovered in PHP-Nuke. This issue occurs when requesting a PHP script that shouldn't be accessed directly. Exploiting this issue will cause the target server t...

PHP-Nuke 6.0 Modules.PHP Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6465/info A denial of service vulnerability has been reported for the modules.php script used by PHP-Nuke. The vulnerability occurs because the modules.php script does not properly validate some URI parameters. An attacke...

PHP-Nuke Advertising Module 0.9 Modules.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26406/info The PHP-Nuke Advertising Module is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allo...

PHP-Nuke Sell Module - 'cid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27980/info The 'Sell' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

PHP-Nuke Gallery 1.3 Module - 'artid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27957/info The Gallery module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

PHP-Nuke 6.x/7.x Your_Account Module Username Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13007/info It is reported that the PHP-Nuke 'YourAccount' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...

PHP-Nuke 6.x/7.x Downloads Module Lid Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13011/info It is reported that the PHP-Nuke 'Downloads' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...

PHP-Nuke 7.6 Web_Links Module Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13025/info PHP-Nuke is reportedly affected by multiple cross-site scripting vulnerabilities in the WebLinks Module. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacke...

PHP-Nuke 6.x/7.x CookieDecode Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10128/info Reportedly PHP-NuKe is prone to a remote cross-site scripting vulnerability. This issue is due to a failure of the 'cookiedecode' function to properly sanitize user supplied cookie parameters. These issues coul...

PHP-Nuke Module print 6.0 (print&sid) SQL Injection Vulnerability

No description provided by source...

Php-Nuke - Local File Include Vulnerability

No description provided by source. ======================================================================================= Topic : Php-Nuke Bug type : Local File Include Vulnerability Author : ItSecTeam Remote : Yes Status : Bug ===================== Content ====================== Advisory Conten...