phpnukeInclude.txt

local file include in PHP-Nuke autohtml.php Rish : High Class : Local Script : autohtml.php Thanks : www.lezr.com/vb & All kuwait hackers Link : http://www.lezr.com/vb/showthread.php?p=104324 Drkiz : allinurl:"autohtml.php" autohtml.php?op=modload&name=The-file-you-want-to-include Exampel :...

CVE-2006-4190

Directory traversal vulnerability in autohtml.php in the AutoHTML module for PHP-Nuke allows local users to include arbitrary files via a .. dot dot in the name parameter for a modload operation...

CVE-2006-4190

Directory traversal vulnerability in autohtml.php in the AutoHTML module for PHP-Nuke allows local users to include arbitrary files via a .. dot dot in the name parameter for a modload operation...

CVE-2006-4190

CVE-2006-4190 is a directory traversal vulnerability in the AutoHTML module for PHP-Nuke, exploitable via a .. in the name parameter of a modload operation within autohtml.php. The affected component is the AutoHTML module’s autohtml.php; root cause is improper handling of the filename parameter ...

local file include in PHP-Nuke (autohtml.php)

local file include in PHP-Nuke autohtml.php Rish : High Class : Local Script : autohtml.php Thanks : www.lezr.com/vb & All kuwait hackers Link : http://www.lezr.com/vb/showthread.php?p=104324 Drkiz : allinurl:"autohtml.php" autohtml.php?op=modload&name=The-file-you-want-to-include Exampel :...

PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion

PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion source: https://www.securityfocus.com/bid/19525/info PHP-Nuke AutoHTML Module is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit may allow an attacker to execute arbitra...

PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion

source: https://www.securityfocus.com/bid/19525/info PHP-Nuke AutoHTML Module is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit may allow an attacker to execute arbitrary local scripts within the context of the affected...

phpnukeXSSaria.txt

---------------------------------------------------------- Aria-Security.net Advisory Discovered by: l2odon Gr33t to: O.U.T.L.A.W & A.u.r.a & DrtRp & Cl0wn ----------------------------------------------------------- Software: PHP-Nuke INP Description: PHP-Nuke INP is the modified version of...

CVE-2006-3948

Technical details for CVE-2006-3948 are not publicly available in the provided connected documents. Monitor for updates.

CVE-2006-3948

Cross-site scripting XSS vulnerability in modules.php in PHP-Nuke INP allows remote attackers to inject arbitrary web script or HTML via the query parameter...

PHP-Nuke INP XSS

---------------------------------------------------------- Aria-Security.net Advisory Discovered by: l2odon www.Aria-security.net Gr33t to: O.U.T.L.A.W & A.u.r.a & DrtRp & Cl0wn ----------------------------------------------------------- Software: PHP-Nuke INP Description: PHP-Nuke INP is the...

PHP-Nuke - 'INP modules.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/19208/info PHPNuke INP is prone to a cross-site scripting vulnerability that affects the 'modules.php' script. The specific version affected is currently unknown. http://www.example.com/path/modules.php?name=Downloads&op=search&query=alert'ARIA'...

CVE-2006-3598

SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op...

CVE-2006-3599

SQL injection vulnerability in the Nuke Advanced Classifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the idads parameter in an EditAds op...

CVE-2006-3598

CVE-2006-3598 affects the PHP-Nuke Sections module. The vulnerability is a SQL injection in the viewarticle op via the artid parameter, allowing remote attackers to execute arbitrary SQL commands. Public references indicate exploitation avenues exist (e.g., Exploit-DB, SecurityFocus). CVSS metric...

CVE-2006-3599

The CVE-2006-3599 entry describes a SQL injection vulnerability in the Nuke Advanced Classifieds module for PHP-Nuke. Affected component: the EditAds operation, exploitable via the id_ads parameter. Impact: remote attackers could execute arbitrary SQL commands (partial confidentiality/integrity/a...

CVE-2006-3598

SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op...

CVE-2006-3599

SQL injection vulnerability in the Nuke Advanced Classifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the idads parameter in an EditAds op...

PHP-Nuke Module's Name Sections<<--V3 SQL Injection

================================ Discovered By: CrAzY CrAcKeR ================================ Example:- /modules.php?name=Sections&op=viewarticle&artid=SQL ================================ Email:[email protected]...

PHP-Nuke Download Module Remote SQL Injection

================================== Fund By:BuNy-m Special for Site:www.alshmokh.com E-mail:[email protected] ================================== Example: /modules.php?name=Downloads&dop=viewdownload&cid=220UNION20select20counter,20aid,20pwd20FROM20nukeauthors20...