PHP-Nuke addon Nuke Mobile Entartainment LFI Vulnerability

No description provided by source. Nuke Mobile Entartainment = modulename Local File Include Vuln Script : Nuke Mobile Entartainment Version : 1 Download : http://www.suonerie-polifoniche-gratis.net/mobilentertainment.zip BorN To K!LL AsbMay's Group ... Vuln. Code : include...

PHP-Nuke addon Nuke Mobile Entartainment LFI Vulnerability

Exploit for unknown platform in category web applications ========================================================== PHP-Nuke addon Nuke Mobile Entartainment LFI Vulnerability ========================================================== Nuke Mobile Entartainment AsbMay's Group ... Vuln. Code :...

PHP-Nuke addon Nuke Mobile Entartainment 1.0 - Local File Inclusion

PHP-Nuke addon Nuke Mobile Entartainment 1.0 - Local File Inclusion Nuke Mobile Entartainment AsbMay's Group ... Vuln. Code : include 'modules/'.$modulename.'compatibility/data/marque.data.php'; ExploiT : path/data/compatible.php?modulename=Local File%00 Greetings 2 : str0ke - Dr.2 - AsbMay's Gro...

PHP-Nuke addon Nuke Mobile Entartainment 1.0 - Local File Inclusion

Nuke Mobile Entartainment AsbMay's Group ... Vuln. Code : include 'modules/'.$modulename.'compatibility/data/marque.data.php'; ExploiT : path/data/compatible.php?modulename=Local File%00 Greetings 2 : str0ke - Dr.2 - AsbMay's Group - GoLdM - KuWaiT SeCuriTy milw0rm.com 2007-09-23...

CVE-2007-5032

Cross-site request forgery CSRF vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified addname and addradminsuper parameters...

CVE-2007-5032

Cross-site request forgery CSRF vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified addname and addradminsuper parameters...

CVE-2007-5032

CVE-2007-5032 is a Cross-site request forgery (CSRF) in admin.php of Francisco Burzi’s PHP-Nuke. An attacker can add administrative accounts by sending a request that abuses AddAuthor with crafted add_name/add_radminsuper parameters. Documented impact includes partial confidentiality, integrity, ...

PHP-Nuke add admin ALL Versions

Paste this code into an HTML page then link it to victim victim must be admin iframe name="aiuto" frameborder="0" height="0" width="0"/iframe FORM name="Faiuto" ACTION="http://VICTIMURL/nuke/admin.php" target="aiuto" METHOD=POST input type=hidden NAME="addname" value="ATTACKER" input type=hidden...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "" in 1 the onerror attribute of an IMG element, 2 the onload attribute of an IFRAME element, or 3 redirect users to other sites via the...

CVE-2007-4212

Multiple cross-site scripting XSS vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "" in 1 the onerror attribute of an IMG element, 2 the onload attribute of an IFRAME element, or 3 redirect users to other sites via the...

CVE-2007-4212

Multiple cross-site scripting XSS vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "" in 1 the onerror attribute of an IMG element, 2 the onload attribute of an IFRAME element, or 3 redirect users to other sites via the...

CVE-2007-4212

CVE-2007-4212 concerns multiple XSS flaws in the PHP-Nuke Search Module. The vulnerabilities allow remote attackers to inject arbitrary script/HTML by supplying a trailing “” in: (1) the onerror attribute of IMG, (2) the onload attribute of IFRAME, or (3) redirect via the META tag. Affected softw...

phpnukesearch-xss.txt

PHP-Nuke ALL versions Search Module multiple XSS and HTML injection ------------------------------------------------------------------- The well-known PHP-Nuke CMS is vulnerable to multiple XSS attacks and HTML injections through the Search Module. The request is made using POST, but the whole...

PHP-Nuke (ALL versions) Multiple XSS and HTML injection

PHP-Nuke ALL versions Search Module multiple XSS and HTML injection ------------------------------------------------------------------- The well-known PHP-Nuke CMS is vulnerable to multiple XSS attacks and HTML injections through the Search Module. The request is made using POST, but the whole...

TotalCalendar <= 2.402 (view_event.php) Remote SQL Injection Vulns

Exploit for unknown platform in category web applications ================================================================== TotalCalendar = 2.402 viewevent.php Remote SQL Injection Vulns ==================================================================...

Sql injection

Multiple SQL injection vulnerabilities in the Virtual War VWar 1.5.0 R15 module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the n parameter to extra/online.php and other unspecified scripts in extra/. NOTE: this might be same vulnerability as CVE-2006-4142; however,...

CVE-2007-2306

Multiple cross-site scripting XSS vulnerabilities in the Virtual War VWar 1.5.0 R15 and earlier module for PHP-Nuke, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 memberlist parameter to extra/login.php and the 2 title parameter to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Virtual War VWar 1.5.0 R15 and earlier module for PHP-Nuke, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 memberlist parameter to extra/login.php and the 2 title parameter to...

CVE-2007-2312

Multiple SQL injection vulnerabilities in the Virtual War VWar 1.5.0 R15 module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the n parameter to extra/online.php and other unspecified scripts in extra/. NOTE: this might be same vulnerability as CVE-2006-4142; however,...

CVE-2007-2312

The CVE-2007-2312 entry identifies multiple SQL injection vulnerabilities in Virtual War (VWar) 1.5.0 R15 for PHP-Nuke, exploitable via the n parameter to extra/online.php and other scripts in extra/. The underlying issue is unsafely constructed SQL in these scripts, enabling remote execution of ...