CVE-2003-1400

Cross-site scripting XSS vulnerability in the YourAccount module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the useravatar parameter...

CVE-2003-1435

SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module...

CVE-2003-1210

Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the 1 lid parameter to the getit function or the 2 min parameter to the search function...

CVE-2003-1340

Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via 1 a uid user cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid admin cookie to the WebLinks module in ...

PHP-NUKE 7.0 FINAL (and olders) sql injection

RusH security team | http://www.rsteam.ru o----------------------------= Advisory 16 =----------------------------o oxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxo o--------------------------------------------------------------------------o | Product: PHP-Nuke | |...

PHP-Nuke 6.x7.0 Survey Module - SQL Injection

PHP-Nuke 6.x7.0 Survey Module - SQL Injection source: https://www.securityfocus.com/bid/9305/info A vulnerability has been reported to exist in the Survey module of PHP-Nuke that may allow a remote attacker to inject malicious SQL syntax into database queries. The source of this issue is...

PHP-NUKE version <= 6.9 'cid' sql injection Remote Exploit

No description provided by source. !/usr/bin/perl -w use IO::Socket; THIS CODE PUBLIC NOW = \ \ / | \ | / | / / \ | | \ | /\ \ / || /// | / / / / based on 'cid' sql injection vuln in Download module, more info about this vuln u can see here: http://rst.void.ru/texts/advisory10.htm work only...

PHP-Nuke 6.9 - cid SQL Injection

PHP-Nuke 6.9 - cid SQL Injection !/usr/bin/perl -w use IO::Socket; THIS CODE PUBLIC NOW = \ \ / | \ | / | / / \ | | \ | /\ \ / || /// | / / / / based on 'cid' sql injection vuln in Download module, more info about this vuln u can see here: http://rst.void.ru/texts/advisory10.htm work only on...

PHP-Nuke 6.9 - 'cid' SQL Injection

!/usr/bin/perl -w use IO::Socket; THIS CODE PUBLIC NOW = \ \ / | \ | / | / / \ | | \ | /\ \ / || /// | / / / / based on 'cid' sql injection vuln in Download module, more info about this vuln u can see here: http://rst.void.ru/texts/advisory10.htm work only on mysql version 4.0 tested on...

SQL injection vulnerability in phpnuke

Multiple researchers have discovered multiple SQL injection vulnerabilities in some versions of Php-Nuke. These vulnerabilities may lead to information disclosure, compromise of the Php-Nuke site, or compromise of the back-end database...

php-nuke.6.5.php.txt

Hello, Here my Exploit for PHP-Nuke = v6.5 & Spaiz-Nuke SQL v1.2 SQL Injection Code in PHP: Grettings, Blade... |Blade «[email protected]»| www.abez.org Of AbeZ www.rzw.com.ar By XyborG www.adictosnet.com.ar By LaKosa www.fihezine.tsx.to Of FiH eZine / echo' PHP-Nuke And Spaiz-Nuke Injection Exploit...

PHP-Nuke Path Disclosure Vulnerability

PHP-Nuke Path Disclosure Vulnerability Published: 18 October 2003 Released: 16 October 2003 Affected Systems: PHP-Nuke 7.0 and possibly earlier versions. Vendor: http://www.phpnuke.org Description: ============ PHP-Nuke is a Web Portal System, storytelling software, news system, online community ...

PHP-Nuke 6.6 - admin.php SQL Injection

PHP-Nuke 6.6 - admin.php SQL Injection source: https://www.securityfocus.com/bid/8798/info It has been reported that PHP-Nuke is prone to a SQL injection vulnerability that may allow a remote attacker to inject malicious SQL syntax into database queries. The issue is said to occur within the...

PHP-Nuke 6.6 - 'admin.php' SQL Injection

source: https://www.securityfocus.com/bid/8798/info It has been reported that PHP-Nuke is prone to a SQL injection vulnerability that may allow a remote attacker to inject malicious SQL syntax into database queries. The issue is said to occur within the admin.php file, specifically when...

Уязвимости в Spaiz-Nuke версии <=1.2beta и PHP-nuke всех версий

Advisory10 RusH security team | http://www.rst.void.ru Products: Spaiz-Nuke версии =1.2beta PHP-nuke все версии Vuln: Многочисленные уязвимости. Bug found: 17.09.2003 by 1dt.w0lf Внедрение sql-кода в модуле администрирования...

PHP-Nuke v 6.7 + Windows = File Upload

Informations : °°°°°°°°°°°°° Language : PHP Version : 6.7 Website : http://www.phpnuke.org Problem : File Upload PHP Code/Location : °°°°°°°°°°°°°°°°°°° modules/WebMail/mailattach.php :...

CVE-2003-0279

Multiple SQL injection vulnerabilities in the WebLinks module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using 1 the viewlink function and cid parameter, or 2 index.php...

CVE-2003-0318

Cross-site scripting XSS vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter...

Php-Nuke:users and admins password hashes vulnerability

BUGSMAN: serving security from Italy since..hem..well, about 1 year ------------------------------------------------------------------------------------- Object: users & admins password hash retrieving Tested on Php-Nuke 5.6 e 6.5 Vulnerable versions: I've never seen a patch for this so potential...

CVE-2003-0318

Cross-site scripting XSS vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter...