1732 matches found
CVE-2008-7038
SQL injection vulnerability in the MyeGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect...
CVE-2008-7038
CVE-2008-7038 describes a SQL injection in the My_eGallery module for PHP-Nuke. The vulnerability is triggered by manipulating the gid parameter in a showgall action to modules.php, allowing remote execution of arbitrary SQL commands. The description notes that the issue was disclosed by an unrel...
CVE-2008-6865
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action...
CVE-2008-6866
SQL injection vulnerability in modules.php in the CurrentIssue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action...
Sql injection
SQL injection vulnerability in modules.php in the CurrentIssue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action...
Sql injection
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action...
CVE-2008-6865
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action...
CVE-2008-6866
SQL injection vulnerability in modules.php in the CurrentIssue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action...
CVE-2008-6865
The CVE-2008-6865 entry describes a SQL injection in the PHP-Nuke framework, specifically in the Sectionsnew module’s modules.php. The vulnerability arises when remote attackers can inject SQL via the artid parameter in a printpage action, enabling arbitrary SQL execution. Affected component: PHP...
CVE-2008-6866
The CVE-2008-6866 entry describes a SQL injection vulnerability in PHP-Nuke’s Current_Issue module (in modules.php). The vulnerability is triggered via the id parameter in a summary action, potentially allowing remote attackers to construct and execute arbitrary SQL commands. The affected compone...
PHP-Nuke 8.0 Downloads Module - query Cross-Site Scripting
PHP-Nuke 8.0 Downloads Module - query Cross-Site Scripting source: https://www.securityfocus.com/bid/35180/info PHP-Nuke is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...
PHP-Nuke 8.0 Downloads Module - 'query' Cross-Site Scripting
source: https://www.securityfocus.com/bid/35180/info PHP-Nuke is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
PHP-Nuke SQL Injection Vulnerability
PHP-Nuke is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpnuke:php-nuke";...
CVE-2009-1842
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header...
Sql injection
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header...
CVE-2009-1842
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header...
CVE-2009-1842
PHP-Nuke 8.0 is affected by a SQL injection in main/tracking/userLog.php that allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. Documented as CVE-2009-1842 with CVSS v2 base score 7.5 (network, low complexity, no auth). Affected product: PHP-Nuke; vulnerabilit...
PHP Nuke v.8.0 (referer) SQL Injection
PHP Nuke v.8.0 referer SQL Injection Author: Gerendi Sandor Attila Original advisory: http://gsasec.blogspot.com/2009/05/php-nuke-v80-referer-sql-injection.html Date: May 14, 2009 Package: PHP-Nuke Product homepage: http://phpnuke.org/ Versions Affected: v.8.0 Other versions may also be affected...
PHP-Nuke 8.0 SQL Injection
PHP Nuke v.8.0 referer SQL Injection Author: Gerendi Sandor Attila Original advisory: http://gsasec.blogspot.com/2009/05/php-nuke-v80-referer-sql-injection.html Date: May 14, 2009 Package: PHP-Nuke Product homepage: http://phpnuke.org/ Versions Affected: v.8.0 Other versions may also be affected...
PHP-Nuke 8.0 - maintrackinguserLog.php SQL Injection
PHP-Nuke 8.0 - maintrackinguserLog.php SQL Injection source: https://www.securityfocus.com/bid/35117/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker...