1732 matches found
PHP-Nuke ratedownload SQL Injection
No description provided by source. =========================================================================== Topic : PHP-Nuke All Version Bug type : SQL Injection Download : http://phpnuke.org/modules.php?name=Downloads Advisory : http://itsecteam.com/fa/vulnerabilities/vulnerability21.htm...
PHP-Nuke 7.x Journal Module Search.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20829/info The PHP-Nuke Journal module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker...
PHP-Nuke 7.0/8.1/8.1.35 - Wormable Remote Code Execution
No description provided by source. !/usr/bin/php ?php / Wormable Remote Code Execution in PHP-Nuke 7.0/8.1/8.1.35newist as of release Vendor's Website:http://phpnuke.org/ Secuirty Researcher: Michael Brooks https://sitewat.ch Original Advisory:...
PHP-Nuke Hadith Module - 'cat' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28171/info The Hadith module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
PHP-Nuke 4nChat Module 0.91 - 'roomid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28128/info The 4nChat module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
PHP-Nuke <= 7.9 (Encyclopedia) Remote SQL Injection Exploit
No description provided by source. ? / Neo Security Team - Exploit made by Paisterist on 2006-10-22 http://www.neosecurityteam.net / $host=localhost; $path=/phpnuke/; $prefix=nuke; $port=80; $fp = fsockopen$host, $port, $errno, $errstr, 30; $data=query=fooaa&eid=foo'//UNION SELECT pwd as title FR...
PHP-Nuke zClassifieds Module - 'cat' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28211/info The zClassifieds module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
PHP-Nuke My_eGallery <= 2.7.9 - Remote SQL Injection Vulnerability
No description provided by source. Aria-Security Team http://Aria-Security.Net ----------------------------- Shoutz: Aura, Null, imm02tal, Kinglet, and our staff PHP-Nuke MyeGallery gid Remote SQL Injection Dork: inurl:modules.php?name=MyeGallery...
PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module
No description provided by source. Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...
PHP-Nuke 1.0/2.5 Administrative Privileges Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1592/info PHP-Nuke is a website creation/maintainence tool written in PHP3. It is possible to elevate priviliges in this system from normal user to administrator due to a flaw in authentication code. The problem occurs...
PHP Nuke 0-7 Double Hex Encoded Input Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13557/info PHP Nuke is prone to an input validation vulnerability. Reports indicate the script fails to correctly identify potentially dangerous characters when the characters are double hex-encoded i.e. %25%41 == %41 == ...
CVE-2014-3934
SQL injection vulnerability in the SubmitNews module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics parameter to modules.php...
Sql injection
SQL injection vulnerability in the SubmitNews module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics parameter to modules.php...
CVE-2014-3934
SQL injection vulnerability in the SubmitNews module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics parameter to modules.php...
CVE-2014-3934
CVE-2014-3934 is a SQL injection vulnerability in the Submit_News module of PHP-Nuke 8.3, exploitable via topics[] in modules.php to execute arbitrary SQL. Impact is partial confidentiality/integrity/availability. Exploitation details are supported by NVD/RedHat entries; CIRCL shows an exploit on...
PHP-Nuke Submit_News Component - SQL Injection
PHP-Nuke SubmitNews Component - SQL Injection source: https://www.securityfocus.com/bid/67656/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the...
PHP-Nuke 8.3 News SQL Injection
title : phpnuke 8.3 sql injection vulnerability Exploit Title: phpnuke 8.3 submit news module sql injection vulnerability Google Dork: inurl:modules.php?name=SubmitNews Date: 5/24/2014 Exploit Author: ali ahmady -- Iranian Researcher snip3rirathotmail.com Vendor Homepage: phpnuke.org Software Lin...
PHP-Nuke 'Submit_News' Component - SQL Injection
source: https://www.securityfocus.com/bid/67656/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploi...
PHP-Nuke Web Links SQL Injection Vulnerability
PHP-Nuke Web Links suffers from a remote SQL injection vulnerability. PHP-Nuke moduleWeb Links - Sql Injection Vulnerabilty =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : email protected , email protected .:. Home :...
PHP-Nuke Web Links SQL Injection
PHP-Nuke moduleWeb Links - Sql Injection Vulnerabilty =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script : https://www.phpnuke.org/ .:. Dork :...