Sql injection

SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php...

CVE-2008-6779

SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php...

CVE-2008-6779

SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php...

CVE-2008-6779

The CVE-2008-6779 entry corresponds to a SQL injection in the Sarkilar module for PHP-Nuke. The vulnerability affects the Sarkilar module and is exploitable via the id parameter in the showcontent action to modules.php, allowing remote attackers to execute arbitrary SQL commands. The reported imp...

PHP-Nuke Detection (HTTP)

HTTP based detection of PHP-Nuke. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.900338";...

PHP-Nuke Sections Module SQL Injection Vulnerability

PHP-Nuke is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpnuke:php-nuke";...

Sql injection

SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php...

CVE-2008-6728

SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php...

CVE-2008-6728

SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php...

CVE-2008-6728

CVE-2008-6728 affects the PHP-Nuke Sections module, where an SQL injection is possible through the artid parameter in a printpage action to modules.php. The vulnerability arises from unsafely constructed SQL in the Sections module, enabling remote attackers to inject arbitrary SQL commands. The v...

CVE-2009-0302

SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php...

Sql injection

SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php...

CVE-2009-0302

SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php...

CVE-2009-0302

CVE-2009-0302 describes a SQL injection in the PHP-Nuke Downloads module affecting version 8.0 up to 8.1.0.3.5b and earlier. The underlying issue is an unparameterized input path in the Add operation for modules.php, allowing a remote authenticated user to modify the database by injecting SQL com...

PHP-Nuke 8.0 Downloads Blind Sql Injection

PHP-Nuke 8.0 Downloads Blind Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download : http://phpnuke.org Dork :...

PHP-Nuke Downloads Module - url SQL Injection

PHP-Nuke Downloads Module - url SQL Injection source: https://www.securityfocus.com/bid/33410/info The Downloads module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...

PHP-Nuke Downloads Module SQL Injection

PHP-Nuke 8.0 Downloads Blind Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download : http://phpnuke.org Dork :...

PHP-Nuke Downloads Module - 'url' SQL Injection

source: https://www.securityfocus.com/bid/33410/info The Downloads module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

php-nuke 8.0 module sections artid blind sql inj vuln.

?php errorreporting EERROR; iniset"maxexecutiontime",0; echo ' +=========================================================+ |PHP-NUKE Module Sections printpage artid Sql inj Vuln. |MHATM.ORG BugBUSTER Team. | +=========================================================+ + version 8.0 + Tested on 7.9...

CVE-2008-5039

Cross-site scripting XSS vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php...