1732 matches found
PHP-Nuke ratedownload SQL Injection
No description provided by source. =========================================================================== Topic : PHP-Nuke All Version Bug type : SQL Injection Download : http://phpnuke.org/modules.php?name=Downloads Advisory : http://itsecteam.com/fa/vulnerabilities/vulnerability21.htm...
PHP-Nuke Error Manager Module 2.1 error.php language Variable Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/9911/info It has been reported that Error Manager is prone to multiple vulnerabilities. These issues are due to failure to validate user input, failure to handle exceptional conditions and simple design errors. These issu...
PHP-NUKE 5.0 - Viewslink Remote SQL Injection
No description provided by source. Author: CMD Contact: [email protected] Dork: allinurl: op=viewslink&sid= =-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-= Code : Exploit 1: /links.php?op=viewslink&sid=-1//union//select//0,aid//from//nukeauthors//where//radminsuper=1/...
PHP-Nuke Sarkilar Module 'id' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31830/info Sarkilar module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacke...
Protector System 1.15 blocker_query.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10206/info Multiple vulnerabilities were reported to exist in Protector System, which is a third-party module for PHP-Nuke. Cross-site scripting and SQL injection vulnerabilities were reported. Exploitation of these issue...
PHP-Nuke 6.x/7.x Your_Account Module Username Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13007/info It is reported that the PHP-Nuke 'YourAccount' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...
PHP-Nuke Module Emporium <= 2.3.0 - Remote SQL Injection Exploit
No description provided by source...
PHP-Nuke MyHeadlines 4.3.1 Module Cross-Site Scripting Vulnerability
No description provided by source...
NukeCalendar 1.1 .a eid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10082/info NukeCalendar, which is a third-party calendar module for PHP-Nuke, is prone to multiple vulnerabilities. These issues include path disclosure, SQL injection and cross-site scripting. Possible consequences inclu...
PHP-Nuke 6.x/7.x Downloads Module Lid Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13011/info It is reported that the PHP-Nuke 'Downloads' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...
PHP-Nuke Classifieds Module - 'Details' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27930/info The Classifieds module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
PHP-Nuke NSN Script Depository 1.0.0 - Remote Source Disclosure Vuln
No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org...
PHP-Nuke Platinium <= 7.6.b.5 - Remote Code Execution Exploit
No description provided by source. ?php PHP Nuke Platinium = 7.6.b.5 Remote Code Execution Exploit Author: Charles real F. charlesfolathotmail.fr Date: 02/07/08 Note I modified a bit phpsploit for this exploit, because PHP Nuke plays with REQUESTURI var ... Requirements registerglobals=On phprete...
PHP-Nuke 7.6 Web_Links Module Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13055/info The WebLinks module of PHP-Nuke is affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL querie...
PHP-Nuke <= 7.8 Search Module Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w use IO::Socket; if @ARGV 2 print ---------------------------------------\n; print EXPLOIT for PHPNuke =7.8 \n; print ---------------------------------------\n\n; print Usage : \n; print PHPNuke1 HOST /pathphpnuke \n\n; print HOST - Host where i...
PHP Nuke 5.x Error Message Web Root Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4333/info PHP-Nuke is a popular web based Portal system. It allows users to create accounts and contribute content to the site. A vulnerability has been reported in some versions of PHP-Nuke. Reportedly, a maliciously...
PHP-Nuke Book Catalog Module 1.0 'upload.php' Arbitrary File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19890/info The Book Catalog module for PHP-Nuke is prone to a vulnerability that lets attackers upload arbitrary files. Exploiting this issue may allow an attacker to compromise the application and the underlying system;...
PHP-Nuke Sell Module - 'cid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27980/info The 'Sell' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
PHP-Nuke MS-Analysis Module Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9947/info It has been reported that MS-Analysis is prone to a multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI parameters. These...
PHP-Nuke eGallery 3.0 Module - 'pid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28088/info The eGallery module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...