Remote file inclusion

PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary PHP code via a URL in the nukebbrootpath parameter...

CVE-2007-5676

PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary PHP code via a URL in the nukebbrootpath parameter...

CVE-2007-5676

PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary PHP code via a URL in the nukebbrootpath parameter...

CVE-2003-1468

Technical details beyond the CVE description are not provided in the supplied documents. Monitor for updates from authoritative sources to confirm affected versions, impact, and fixes.

CVE-2007-5676

CVE-2007-5676 relates to a PHP remote file inclusion in PHP-Nuke Platinum 7.6.b.5, specifically in modules/Forums/favorites.php. The underlying issue allows an attacker to execute arbitrary PHP code via a URL supplied to the nuke_bb_root_path parameter, enabling remote code execution. The affecte...

CVE-2003-1468

The WebLinks module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full web server path via an invalid cid parameter that is non-numeric or null, which leaks the pathname in an error message...

PHP-Nuke Platinum 7.6.b.5 Remote File Inclusion Vulnerability

No description provided by source. ---------------------------------------------- GrEeTs To -=sHaDoW sEcUrItY TeAm=- GrEaTs To ---------------------------------------------- A2J, Chucks, The Pitbull, ICQBomber, str0ke ---------------------------------------------- BiG sHoUt OuT tO udplink.net &...

CVE-2003-1435

SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module...

CVE-2003-1435

This CVE (CVE-2003-1435) describes an SQL injection in PHP-Nuke versions 5.6 and 6.0, exploitable via the days parameter in the search module to allow remote execution of arbitrary SQL. The underlying issue is an input validation flaw in the search component, enabling attackers to influence the b...

CVE-2003-1400

Cross-site scripting XSS vulnerability in the YourAccount module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the useravatar parameter...

CVE-2003-1400

The CVE-2003-1400 entry describes a Cross-site scripting (XSS) vulnerability in the Your_Account module of PHP-Nuke versions 5.0 through 6.0. The issue arises from an input vector in the user_avatar parameter, allowing remote attackers to inject arbitrary web script or HTML. Affected software: PH...

CVE-2003-1340

Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via 1 a uid user cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid admin cookie to the WebLinks module in ...

CVE-2003-1340

CVE-2003-1340 refers to multiple SQL injection vulnerabilities in PHP-Nuke 5.6 and 6.5. The flaws allow remote authenticated users to inject SQL via a uid cookie to modules.php and via an aid cookie to the Web_Links module using actions such as viewlink, MostPopular, or NewLinksDate. The cited so...

[waraxe-2007-SA#054] - Local File Inclusion in Dance Music module for phpNuke

waraxe-2007-SA054 - Local File Inclusion in Dance Music module for phpNuke ============================================================================ Author: Janek Vind "waraxe" Date: 25. September 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-54.html Target software...

waraxe-2007-SA054.txt

waraxe-2007-SA054 - Local File Inclusion in Dance Music module for phpNuke ============================================================================ Author: Janek Vind "waraxe" Date: 25. September 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-54.html Target software...

PHP-Nuke Dance Music Module - index.php Local File Inclusion

PHP-Nuke Dance Music Module - index.php Local File Inclusion source: https://www.securityfocus.com/bid/25806/info Dance Music is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized remote user to vi...

PHP-Nuke Dance Music Module - 'index.php' Local File Inclusion

source: https://www.securityfocus.com/bid/25806/info Dance Music is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized remote user to view files and execute local scripts in the context of the...

CVE-2007-5069

Directory traversal vulnerability in data/compatible.php in the Nuke Mobile Entertainment 1 addon for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. dot dot in the modulename parameter...

CVE-2007-5069

CVE-2007-5069 : A directory traversal flaw in the Nuke Mobile Entertainment 1 addon for PHP-Nuke affects the file data/compatible.php. The vulnerability allows remote attackers to perform local file inclusion by supplying a .. (dot dot) in the module_name parameter, enabling the execution of arbi...

CVE-2007-5069

Directory traversal vulnerability in data/compatible.php in the Nuke Mobile Entertainment 1 addon for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. dot dot in the modulename parameter...