CVE-2002-1242
SQL injection vulnerability in PHP-Nuke before 6.0 allows remote authenticated users to modify the database and gain privileges via the "bio" argument to modules.php...
iDEFENSE Security Advisory 10.31.02c: PHP-Nuke SQL Injection Vulnerability
iDEFENSE Security Advisory 10.31.02c: http://www.idefense.com/advisory/10.31.02c.txt PHP-Nuke SQL Injection Vulnerability October 31, 2002 I. BACKGROUND "PHP-Nuke is a news automated system specially designed to be used in Intranets and Internet. The...
PHP-Nuke 5.6 - modules.php SQL Injection
source: https://www.securityfocus.com/bid/6088/info A SQL injection vulnerability has been reported for PHP-Nuke 5.6. The vulnerability is due to insufficient sanitization of variables used to construct SQL queries in some scripts. It is possible to modify...
PHP-Nuke 5.6 - 'modules.php' SQL Injection
source: https://www.securityfocus.com/bid/6088/info A SQL injection vulnerability has been reported for PHP-Nuke 5.6. The vulnerability is due to insufficient sanitization of variables used to construct SQL queries in some scripts. It is possible to modify the logic of SQL queries through malform...
PHP-Nuke x.x AND PostNuke SQL Injection
Hello again, just to say that PostNuke fork of PHP-Nuke is vulnerable to the same bugs AND it is possible to inject different SQL code in order to do other "funny" but "dangerous" things. Note to the guys of those projects: Filter those URL entries!!! Cheers, Pedro Inacio...
PHP-Nuke x.x SQL Injection
Hello, All PHP-Nuke versions, including the just released 6.0, are vulnerable to a very simple SQL injection that may lead to a basic DoS attack. For instance, if you create a short script, to send a few requests, I have tested with just 6 similar to this:...
PHP-Nuke 6.0 - modules.php SQL Injection
source: https://www.securityfocus.com/bid/5799/info A SQL injection vulnerability has been discovered in PHPNuke. Due to insufficient sanitization of variables used in SQL queries, it is possible to modify the logic of SQL queries. This issue could result ...
PHP-Nuke 6.06.5 - Search Form Cross-Site Scripting
source: https://www.securityfocus.com/bid/5788/info PHPNuke 6.0 is prone to cross-site scripting attacks. HTML tags are not filtered from links to the 'modules.php' script. Reportedly, the problem lies in the 'Search' page of the 'modules.php'...
PHP-Nuke does not adequately authenticate users thereby allowing attackers to change user information
Overview: PHP-Nuke's saveuser function does not adequately authenticate users. Attackers may exploit this vulnerability to change user data and gain access to accounts. Description: PHP-Nuke is a set of PHP scripts designed to simplify web site creation and maintenance. PHP-Nuke's saveuser function...
Input-validation vulnerability in PHP-Nuke allows arbitrary command execution via request for remote web site
Overview: PHP-Nuke has an input-validation vulnerability that can lead to execution of arbitrary PHP code hosted on another web server. Description: PHP-Nuke is a tool designed to ease web site creation and maintenance. PHP-Nuke includes a script named index.php, which uses PHP's include function t...
PHP-Nuke Network Tools Add-On Arbitrary Command Execution
It is possible to make the remote host execute arbitrary commands through the use of the PHPNuke addon called 'Network Tools'. An attacker may use this flaw to gain a shell on this system...
PHP-Nuke v5.6 - Users can compromise admin accts.
Tested on PHP-Nuke v5.6 with Mozilla on Linux; should work on past versions and on most browsers. Impact: Allows any user to get admin access to a PHP-Nuke site. Summary: Due to a XSS flaw in PHPNuke's...
CVE-2002-0483
index.php for PHP-Nuke 5.4 and earlier allows remote attackers to determine the physical pathname of the web server when the file parameter is set to index.php, which triggers an error message that leaks the pathname...
CVE-2001-0899
Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable...
CVE-2001-1032
admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload parameter and specifying the file to...
CVE-2001-1032
PHP-Nuke 5.2 and earlier (except 5.0RC1) is vulnerable to an arbitrary file upload via admin.php due to missing authentication for upload operations. An attacker can copy/upload arbitrary files and read the PHP-Nuke configuration by invoking admin.php with an upload parameter and a target file. T...
CVE-2001-0899
CVE-2001-0899 concerns the PHP-Nuke Network Tools Add-On. The connected sources confirm that the vulnerability arises in Network Tools 0.2 for PHP-Nuke, where the remote attacker can execute commands on the server via shell metacharacters placed in the $hostinput variable. This leads to arbitrary...
CVE-2002-0483
CVE-2002-0483 affects PHP-Nuke versions 5.4 and earlier, where requesting index.php with the file parameter set to index.php can trigger an error message that leaks the web server’s physical pathname. This is a remote vulnerability that primarily exposes confidential information (the server path)...
CVE-2002-0206
index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter...