CVE-2008-1539

CVE-2008-1539 : Vulnerability in PHP-Nuke Platinum 7.6.b.5 where SQL injection occurs in includes/dynamic_titles.php. An attacker can send crafted requests to the Forums module (via the p parameter to modules.php) to execute arbitrary SQL commands remotely. The CVE is documented with a high impac...

phpnukeplat-sql.txt

!/usr/bin/perl Inphex use LWP::UserAgent; use LWP::Simple; use IO::Socket; use Switch; PHP-Nuke Platinum , ForumsStandart - magicquotesgpc = OFF , SQL Injection nukeusers Structure: userid name username useremail femail userwebsite useravatar userregdate usericq userocc userfrom userinterests...

PHP-Nuke Platinum 7.6.b.5 (dynamic_titles.php) SQL Injection Exploit

No description provided by source. !/usr/bin/perl Inphex use LWP::UserAgent; use LWP::Simple; use IO::Socket; use Switch; PHP-Nuke Platinum , ForumsStandart - magicquotesgpc = OFF , SQL Injection nukeusers Structure: userid name username useremail femail userwebsite useravatar userregdate usericq...

PHP-Nuke Platinum 7.6.b.5 - 'dynamic_titles.php' SQL Injection

!/usr/bin/perl Inphex use LWP::UserAgent; use LWP::Simple; use IO::Socket; use Switch; PHP-Nuke Platinum , ForumsStandart - magicquotesgpc = OFF , SQL Injection nukeusers Structure: userid name username useremail femail userwebsite useravatar userregdate usericq userocc userfrom userinterests...

PHP-Nuke Platinum 7.6.b.5 - dynamic_titles.php SQL Injection

PHP-Nuke Platinum 7.6.b.5 - dynamictitles.php SQL Injection !/usr/bin/perl Inphex use LWP::UserAgent; use LWP::Simple; use IO::Socket; use Switch; PHP-Nuke Platinum , ForumsStandart - magicquotesgpc = OFF , SQL Injection nukeusers Structure: userid name username useremail femail userwebsite...

PHP-Nuke Platinum 7.6.b.5 (dynamic_titles.php) SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================================== PHP-Nuke Platinum 7.6.b.5 dynamictitles.php SQL Injection Exploit ==================================================================== !/usr/bin/perl Inphex use...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in the eWebsite eWeather Weather module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the chart parameter to modules.php...

CVE-2008-1348

Cross-site scripting XSS vulnerability in index.php in the eWebsite eWeather Weather module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the chart parameter to modules.php...

CVE-2008-1348

Cross-site scripting XSS vulnerability in index.php in the eWebsite eWeather Weather module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the chart parameter to modules.php...

CVE-2008-1348

The CVE-2008-1348 entry describes a Cross-site Scripting (XSS) vulnerability in the eWeather (Weather) module’s index.php for PHP-Nuke, exploitable by supplying arbitrary web script or HTML through the chart parameter in modules.php. The affected component is the eWebsite eWeather module within P...

Sql injection

SQL injection vulnerability in the ZClassifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter to modules.php...

CVE-2008-1315

SQL injection vulnerability in the ZClassifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter to modules.php...

CVE-2008-1315

SQL injection vulnerability in the ZClassifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter to modules.php...

CVE-2008-1315

The CVE-2008-1315 entry concerns the PHP-Nuke ZClassifieds module. The vulnerability is a SQL injection in the ZClassifieds module via the cat parameter to modules.php, enabling remote attackers to execute arbitrary SQL commands. Concrete affected component: PHP-Nuke ZClassifieds; underlying issu...

nukec30-sql.txt

------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo -------- ------------------------------------------------------------- = Author : HouSSaMix from H-T Team = Script : PHP-Nuke Module NukeC30 Module's Name: NukeC30 Module's Version: 3.0 ...

phpnukezclass-sql.txt

----- RBT-4 crew Lovebug Italy -------- Author : Lovebug Script : PHP-Nuke Module ZClassifieds cat SQL Injection Bug : modules.php?name=ZClassifieds&cat= S Q L Exploit : -9999999//union//select//pwd,aid//from//nukeauthors/where%20admin1/ Original Advisory:...

XSS in PHP-Nuke (eWeather module)

//////////XSS in PHP-Nuke eWeather module PHP-Nuke http://phpnuke.org: PHP-Nuke is a news automated system specially designed to be used in Intranets and Internet. The Administrator has total control of his web site, registered users, and he will have in the hand a powerful assembly of tools to...

PHP-Nuke Module ZClassifieds [cat] SQL Injection

----- RBT-4 crew Lovebug Italy -------- Author : Lovebug Script : PHP-Nuke Module ZClassifieds cat SQL Injection Bug : modules.php?name=ZClassifieds&cat= S Q L Exploit : -9999999//union//select//pwd,aid//from//nukeauthors/where20admin1/ Original Advisory:...

Sql injection

SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php...

Sql injection

SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the idcatg parameter in a ViewCatg action to modules.php...