CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1732 matches found

Prion•added 2008/11/12 9:9 p.m.•8 views

Cross site scripting

Cross-site scripting XSS vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php...

4.3CVSS6.3AI score0.01823EPSS

Exploits1References4Affected Software1

Cvelist•added 2008/11/12 8:18 p.m.•25 views

CVE-2008-5039

5.8AI score0.01823EPSS

Exploits1References4

CVE•added 2008/11/12 8:18 p.m.•46 views

CVE-2008-5039

Affected software: PHP-Nuke with the League module (possibly version 2.4). Vulnerability: Cross‑site scripting (XSS) via the tid parameter in a team action to modules.php. Root cause / vector: User-controlled tid value leading to script/HTML injection. Impact: Remote attacker could execute arbitr...

4.3CVSS5.8AI score0.01823EPSS

Exploits1References4Affected Software1

securityvulns•added 2008/11/01 12:0 a.m.•130 views

PHP-Nuke Module Current_Issue (summary&id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability PHP-Nuke Module CurrentIssue summary&id AuTh0r : EhsanHp200 H0ME : www.only-4dl.tk Email : [email protected] Dork : "inurl:modules.php?name=CurrentIssue" Exploite:...

3.6AI score

Exploits0

securityvulns•added 2008/11/01 12:0 a.m.•64 views

PHP-Nuke Module BookCatalog (category&catid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability PHP-Nuke 8.1 Module BookCatalog category&catid AuTh0r : EhsanHp200 H0ME : www.only-4dl.tk Email : [email protected] Persian Gulf 4 Ever! Dork : "inurl:modules.php?name=BookCatalog" Exploite for username:...

3.4AI score

Exploits0

securityvulns•added 2008/11/01 12:0 a.m.•121 views

PHP-Nuke Module Sectionsnew (printpage&artid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability PHP-Nuke Module Sectionsnew printpage&artid AuTh0r : Ehsanhp200 H0ME : www.only-4dl.tk Email : [email protected] Persian Gulf 4 Ever! Dork : "inurl:modules.php?name=Sectionsnew" Exploite:...

3.1AI score

Exploits0

securityvulns•added 2008/11/01 12:0 a.m.•118 views

Aria-Security.com: Saba 2.0 Cross Site Scripting [PASSIVE]

2.7AI score

Exploits0

NVD•added 2008/10/31 6:9 p.m.•14 views

CVE-2008-4804

SQL injection vulnerability in the Gallery module 1.3 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the aid parameter in a showalbum action to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue was disclosed by an...

7.5CVSS8.3AI score0.0036EPSS

Exploits1References3

Prion•added 2008/10/31 6:9 p.m.•10 views

Sql injection

7.5CVSS9AI score0.0036EPSS

Exploits1References3

CVE•added 2008/10/31 4:42 p.m.•50 views

CVE-2008-4804

The CVE-2008-4804 entry describes an SQL injection in the Gallery module 1.3 for PHP-Nuke, allowing remote attackers to execute arbitrary SQL via the aid parameter in showalbum (index.php). Affected component: Gallery module 1.3 for PHP-Nuke; root cause: unsanitized input in the showalbum action ...

7.5CVSS8.3AI score0.0036EPSS

Exploits1References3Affected Software1

Cvelist•added 2008/10/31 4:42 p.m.•17 views

CVE-2008-4804

8.3AI score0.0036EPSS

Exploits1References3

Packet Storm•added 2008/10/30 12:0 a.m.•26 views

phpnukesectionsnew-sql.txt

7.4AI score

Exploits0

Packet Storm•added 2008/10/30 12:0 a.m.•25 views

phpnukebook-sql.txt

7.4AI score

Exploits0

Packet Storm•added 2008/10/30 12:0 a.m.•24 views

phpnukecurrent-sql.txt

7.4AI score

Exploits0

Prion•added 2008/10/28 10:30 a.m.•14 views

Unrestricted file upload

Unrestricted file upload vulnerability in the DownloadsPlus module in PHP-Nuke allows remote attackers to execute arbitrary code by uploading a file with 1 .htm, 2 .html, or 3 .txt extensions, then accessing it via a direct request to the file. NOTE: the provenance of this information is unknown;...

9CVSS8AI score0.04659EPSS

Exploits0References3

CVE•added 2008/10/28 10:0 a.m.•58 views

CVE-2008-4767

The CVE-2008-4767 entry describes an unrestricted file upload vulnerability in the DownloadsPlus module of PHP-Nuke. An attacker could upload a file with .htm, .html, or .txt extensions and then access it directly to trigger arbitrary code execution. The description notes uncertainty about how .h...

9CVSS7.4AI score0.04659EPSS

Exploits0References3Affected Software1

Cvelist•added 2008/10/28 10:0 a.m.•25 views

CVE-2008-4767

7.4AI score0.04659EPSS

Exploits0References3

exploitpack•added 2008/10/28 12:0 a.m.•15 views

PHP-Nuke Nuke League Module - tid Cross-Site Scripting

PHP-Nuke Nuke League Module - tid Cross-Site Scripting source: https://www.securityfocus.com/bid/31952/info PHP-Nuke Nuke League module is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execu...

6.8AI score

Exploits0

securityvulns•added 2008/10/28 12:0 a.m.•44 views

PHP-Nuke Module League (team&tid) XSS Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD XSS Vulnerability PHP-Nuke Module League team&tid AuTh0r : EhsanHp200 H0ME : www.only4-dl.tk Email : [email protected] PERSIAN GULF 4 EVER! Dork : "inurl:modules.php?name=League" Exploite: www.victim.com/modules.php?name=League&file=index&op=team&tid=Xss...

2.9AI score

Exploits0

securityvulns•added 2008/10/28 12:0 a.m.•44 views

PHP-Nuke Module League (team&tid) XSS Vulnerability

2.9AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by