1732 matches found
CVE-2004-1528
The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to 1 config.php, 2 index.php, or 3 submit.php, which reveal the full path in an error message...
CVE-2004-1529
Cross-site scripting XSS vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the 1 type, 2 day, 3 month, or 4 year parameters in a Preview operation, or 5 event comments...
CVE-2004-1530
SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the 1 eid or 2 cid parameters...
CVE-2004-1528
The CVE-2004-1528 issue affects the Event Calendar module 2.13 for PHP-Nuke. It allows remote attackers to disclose sensitive information by triggering errors in HTTP requests to config.php, index.php, or submit.php, revealing the full path in an error message. The documentation does not specify ...
CVE-2005-0434
Multiple cross-site scripting XSS vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via 1 the newdownloadshowdays parameter in a NewDownloads operation or 2 the newlinkshowdays parameter in a NewLinks operation...
CVE-2005-0433
Technical details about CVE-2005-0433 are not publicly provided in the supplied documents. Available sources describe a path disclosure in Php-Nuke 7.5. Monitor for updates on affected versions, impact, and fixes.
CVE-2005-0433
Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to 1 db.php, 2 mainfile.php, 3 Downloads/index.php, or 4 WebLinks/index.php, which lists the path in a PHP error message...
CVE-2005-0434
Affected product: Php-Nuke 7.5. The CVE describes multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary HTML or web script via parameters (1) newdownloadshowdays in a NewDownloads operation or (2) newlinkshowdays in a NewLinks operation. Root cause is...
CVE-2005-0434
Multiple cross-site scripting XSS vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via 1 the newdownloadshowdays parameter in a NewDownloads operation or 2 the newlinkshowdays parameter in a NewLinks operation...
CVE-2005-0433
Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to 1 db.php, 2 mainfile.php, 3 Downloads/index.php, or 4 WebLinks/index.php, which lists the path in a PHP error message...
PHP-Nuke 6.x7.x - Multiple Cross-Site Scripting Vulnerabilities
PHP-Nuke 6.x7.x - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12561/info It is reported that PHP-Nuke is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied UR...
PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12561/info It is reported that PHP-Nuke is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could permit a remote attacker to create a...
[EXPL] PHP-Nuke POST Method Admin Variable Privilege Escalation
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
PHP-Nuke v7.4 admin exploit (old exploit)
No description provided by source. / old exploit but what pretty code /str0ke / / phpNUKE v7.4 exploit this exploit create new admin with relative passwd that you specified on parameter of exploit you take administrative control of the webPortal Reverences: http://www.osvdb.org/9563 coded by:...
PHP-Nuke 7.4 - Admin
/ old exploit but what pretty code /str0ke / / phpNUKE v7.4 exploit this exploit create new admin with relative passwd that you specified on parameter of exploit you take administrative control of the webPortal Reverences: http://www.osvdb.org/9563 coded by: Silentium of Anacron Group Italy date:...
PHP-Nuke 7.4 - Admin
PHP-Nuke 7.4 - Admin / old exploit but what pretty code /str0ke / / phpNUKE v7.4 exploit this exploit create new admin with relative passwd that you specified on parameter of exploit you take administrative control of the webPortal Reverences: http://www.osvdb.org/9563 coded by: Silentium of...
PHP-Nuke v7.4 admin exploit (old exploit)
Exploit for unknown platform in category web applications ========================================= PHP-Nuke v7.4 admin exploit old exploit ========================================= / old exploit but what pretty code /str0ke / / phpNUKE v7.4 exploit this exploit create new admin with relative...
CVE-2004-1529
Cross-site scripting XSS vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the 1 type, 2 day, 3 month, or 4 year parameters in a Preview operation, or 5 event comments...
CVE-2004-1530
SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the 1 eid or 2 cid parameters...
CVE-2004-1842
Cross-site request forgery CSRF vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php...