1732 matches found
CVE-2008-7038
SQL injection vulnerability in the MyeGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect...
CVE-2008-7038
CVE-2008-7038 describes a SQL injection in the My_eGallery module for PHP-Nuke. The vulnerability is triggered by manipulating the gid parameter in a showgall action to modules.php, allowing remote execution of arbitrary SQL commands. The description notes that the issue was disclosed by an unrel...
Sql injection
SQL injection vulnerability in modules.php in the CurrentIssue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action...
Sql injection
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action...
CVE-2008-6865
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action...
CVE-2008-6866
SQL injection vulnerability in modules.php in the CurrentIssue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action...
CVE-2008-6865
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action...
CVE-2008-6866
The CVE-2008-6866 entry describes a SQL injection vulnerability in PHP-Nuke’s Current_Issue module (in modules.php). The vulnerability is triggered via the id parameter in a summary action, potentially allowing remote attackers to construct and execute arbitrary SQL commands. The affected compone...
CVE-2008-6866
SQL injection vulnerability in modules.php in the CurrentIssue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action...
CVE-2008-6865
The CVE-2008-6865 entry describes a SQL injection in the PHP-Nuke framework, specifically in the Sectionsnew module’s modules.php. The vulnerability arises when remote attackers can inject SQL via the artid parameter in a printpage action, enabling arbitrary SQL execution. Affected component: PHP...
PHP-Nuke 8.0 Downloads Module - query Cross-Site Scripting
PHP-Nuke 8.0 Downloads Module - query Cross-Site Scripting source: https://www.securityfocus.com/bid/35180/info PHP-Nuke is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...
PHP-Nuke SQL Injection Vulnerability
PHP-Nuke is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpnuke:php-nuke";...
PHP-Nuke 8.0 Downloads Module - 'query' Cross-Site Scripting
source: https://www.securityfocus.com/bid/35180/info PHP-Nuke is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
CVE-2009-1842
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header...
Sql injection
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header...
CVE-2009-1842
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header...
CVE-2009-1842
PHP-Nuke 8.0 is affected by a SQL injection in main/tracking/userLog.php that allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. Documented as CVE-2009-1842 with CVSS v2 base score 7.5 (network, low complexity, no auth). Affected product: PHP-Nuke; vulnerabilit...
PHP Nuke v.8.0 (referer) SQL Injection
PHP Nuke v.8.0 referer SQL Injection Author: Gerendi Sandor Attila Original advisory: http://gsasec.blogspot.com/2009/05/php-nuke-v80-referer-sql-injection.html Date: May 14, 2009 Package: PHP-Nuke Product homepage: http://phpnuke.org/ Versions Affected: v.8.0 Other versions may also be affected...
PHP-Nuke 8.0 - maintrackinguserLog.php SQL Injection
PHP-Nuke 8.0 - maintrackinguserLog.php SQL Injection source: https://www.securityfocus.com/bid/35117/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker...
PHP-Nuke 8.0 SQL Injection
PHP Nuke v.8.0 referer SQL Injection Author: Gerendi Sandor Attila Original advisory: http://gsasec.blogspot.com/2009/05/php-nuke-v80-referer-sql-injection.html Date: May 14, 2009 Package: PHP-Nuke Product homepage: http://phpnuke.org/ Versions Affected: v.8.0 Other versions may also be affected...