CVE-2005-3016

Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors...

CVE-2005-3016

Technical details are not publicly available in the provided documents for CVE-2005-3016. No concrete information on affected products, versions, root cause, or remediation is provided; monitor for updates.

CVE-2005-3016

Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors...

PHP-Nuke 7.8 - 'modules.php' SQL Injection

/ PHP-Nuke 4.0 coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru / // tested on 7.8 include include include include include include include define START 47 define END 103 define SZ 1024 define PORT 80 define PREFIX "nuke" define SQL...

PHP-Nuke <= 7.8 (modules.php) SQL Injection Exploit

No description provided by source. / PHP-Nuke =7.8 SQL injection exploit need MySQL 4.0 coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru / // tested on 7.8 include stdio.h include string.h include sys/types.h include sys/socket.h include netinet/in.h include netdb.h include regex.h defi...

PHP-Nuke 7.8 - modules.php SQL Injection

PHP-Nuke 7.8 - modules.php SQL Injection / PHP-Nuke 4.0 coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru / // tested on 7.8 include include include include include include include define START 47 define END 103 define SZ 1024 define PORT 80 define PREFIX "nuke" define SQL...

[SA16843] PHP-Nuke Unspecified wysiwyg Editor Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

PHP-Nuke <= 7.8 (modules.php) SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================== PHP-Nuke 4.0 coded by 1dt.w0lf RST/GHC / // tested on 7.8 include include include include include include include define START 47 define END 103 define SZ 1024 define PORT 80 define PREFI...

PHPNuke78.txt

NewAngels Advisory 7PHP Nuke sqlquery"SELECT active, view FROM ".$prefix."modules WHERE title='$name'"; The $name variable is not checked so you could inject malicious SQL Code. In an file which is included whe have the following code: $queryString = strtolower$SERVER'QUERYSTRING'; if...

PHP Nuke &lt;= 7.8 Multiple SQL Injections

NewAngels Advisory 7PHP Nuke = 7.8 Multiple SQL Injections ============================================================================= Software: PHP Nuke 7.8 Type: SQL Injections Risk: High Date: Sep. 10 2005 Vendor: PHP-Nuke phpnuke.org Credit: ======= Robin 'onkelfisch' Verton from...

phpnukeXSS.txt

PHP-Nuke Search Cross-Site Scripting Vulnerability Vulnerable: i think all ver. data:2005-09-5 exploit : openme.htm :: ' document.searchform.sub.click thanks , BHFH. email : [email protected]...

PHP-Nuke

PHP-Nuke Search Cross-Site Scripting Vulnerability Vulnerable: i think all ver. data:2005-09-5 exploit : openme.htm :: html form name=searchform method=post action=http://target/modules.php?op=modload&name=SearchEnhanced&file= index input type="text" name="query" size="15" value='script...

CVE-2004-2351

CVE-2004-2351 describes a cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0. Remote attackers can inject arbitrary web script or HTML through multiple user-input fields (name, email, city, message) that reportedly do not use [removed] or tags, which PHP-Nuke purportedly filters....

CVE-2004-2352

The CVE-2004-2352 entry documents a Cross-site Scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0. Affected component: GBook for PHP-Nuke 1.0; vulnerability type: XSS via cookies stored in the $_COOKIE variable that are not cleansed by PHP-Nuke. Impact: remote attackers could inject arbitrar...

CVE-2004-2354

CVE-2004-2354 describes a SQL injection vulnerability in the 4nGuestbook 0.92 module used with PHP-Nuke 6.5–6.9. The flaw allows remote attackers to modify SQL statements via the entry parameter to modules.php, with the potential to trigger MySQL errors that may enable cross-site scripting (XSS)....

CVE-2004-2351

Cross-site scripting XSS vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including 1 name, 2 email, 3 city, and 4 message, which do not use the and tags, which are filtered by PHP-Nuke...

CVE-2004-2352

Cross-site scripting XSS vulnerability in GBook for PHP-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via cookies that are stored in the $COOKIE PHP variable, which is not cleansed by PHP-Nuke...

CVE-2004-2354

SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting XSS attacks when MySQL errors are triggered...

postnuke0750.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.750=x cXIb8O3.5 Author: cXIb8O3 Date: 2.3.2005 from SecurityReason.Com - --- 0.Description --- PostNuke: The Phoenix Release 0.750 PostNuke is an open source, open developement content management system CMS. PostNuke started a...

CVE-2004-2297

The CVE-2004-2297 case concerns the Reviews module of PHP-Nuke versions 6.0 through 7.3. The vulnerability is a denial of service caused by a large, out-of-range score parameter that can consume CPU and memory. The available sources (NVD, CVE lists) describe the impact as a CPU/memory DoS but do ...