waraxe-2006SA-047.txt

================================================================================ waraxe-2006-SA047 ================================================================================ Evading sql-injection filters in phpNuke 7.8...

[waraxe-2006-SA#047] - Evading sql-injection filters in phpNuke 7.8

================================================================================ waraxe-2006-SA047 ================================================================================ Evading sql-injection filters in phpNuke 7.8...

PHPNuke-Your_Account.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SecurityAlert SA032 Author: sp3x CVE : CVE-2006-0679 Date: 16. February 2006 Affected software : =================== PHPNuke version : 7.8 with all security fixes/patches Not Affected software : ======================= PHPNuke version : 7.9 + patch 3....

[waraxe-2006-SA#046] - Critical sql injection in phpNuke 7.5-7.8

================================================================================ waraxe-2006-SA046 ================================================================================ Critical sql injection in phpNuke 7.5-7.8...

[waraxe-2006-SA#045] - Bypassing CAPTCHA in phpNuke 6.x-7.9

================================================================================ waraxe-2006-SA045 ================================================================================ Bypassing CAPTCHA in phpNuke 6.x-7.9 ================================================================================...

waraxe-2006-SA-046.txt

================================================================================ waraxe-2006-SA046 ================================================================================ Critical sql injection in phpNuke 7.5-7.8...

waraxe-2006-SA-045.txt

================================================================================ waraxe-2006-SA045 ================================================================================ Bypassing CAPTCHA in phpNuke 6.x-7.9 ================================================================================...

[Full-disclosure] Critical SQL Injection PHPNuke <= 7.8 - Your_Account module

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SecurityAlert SA032 Author: sp3x CVE : CVE-2006-0679 Date: 16. February 2006 Affected software : =================== PHPNuke version : 7.8 with all security fixes/patches Not Affected software : ======================= PHPNuke version : 7.9 + patch 3....

[waraxe-2006-SA#044] - XSS in phpNuke 7.8 and older versions

================================================================================ waraxe-2006-SA044 ================================================================================ XSS in phpNuke 7.8 and older versions ===============================================================================...

waraxe-2006-SA-044.txt

================================================================================ waraxe-2006-SA044 ================================================================================ XSS in phpNuke 7.8 and older versions ===============================================================================...

PHP-Nuke 6.x7.x - header.php?Pagetitle Cross-Site Scripting

PHP-Nuke 6.x7.x - header.php?Pagetitle Cross-Site Scripting source: https://www.securityfocus.com/bid/16608/info PHPNuke is prone to a cross-site scripting vulnerability. This issue affects the 'header.php' script. PHPNuke 7.8 and prior versions are reportedly vulnerable...

CVE-2006-0163

SQL injection vulnerability in the search module modules/Search/index.php of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792...

Sql injection

SQL injection vulnerability in the search module modules/Search/index.php of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792...

CVE-2006-0163

SQL injection vulnerability in the search module modules/Search/index.php of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792...

CVE-2006-0163

The CVE-2006-0163 entry describes a concrete SQL injection vulnerability in the PHPNuke EV 7.7 -R1 Search module (modules/Search/index.php). The flaw allows remote attackers to inject arbitrary SQL via the query parameter used by the search field, enabling potential data access or manipulation. I...

[SA18394] PHPNuke EV "query" SQL Injection Vulnerability

TITLE: PHPNuke EV "query" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA18394 VERIFY ADVISORY: http://secunia.com/advisories/18394/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: PHPNuke EV 7.x http://secunia.com/product/6767/ DESCRIPTION: A...

PHP-Nuke 7.7 EV Search Module - SQL Injection

PHP-Nuke 7.7 EV Search Module - SQL Injection source: https://www.securityfocus.com/bid/16186/info PHPNuke EV is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...

PHP-Nuke News Submission Story - Text Field Cross-Site Scripting

PHP-Nuke News Submission Story - Text Field Cross-Site Scripting source: https://www.securityfocus.com/bid/16192/info The PHPNuke Pool and News Modules are prone to an HTML injection vulnerability. This issue is due to a failure in the application modules to properly sanitize user-supplied input...

PHPNukeEV77.txt

PHPNuke EV 7.7 'search' module 'query' variable SQL injection Vendor url: http://nukevolution.com/ exploit available:yes vendor notify:yes advisore:http://lostmon.blogspot.com/2006/01/ phpnuke-ev-77-search-module-query.html PHPNuke EV 7.7 have a flaw which can be exploited by malicious people to...

PHP-Nuke News Submission Story - Text Field Cross-Site Scripting

source: https://www.securityfocus.com/bid/16192/info The PHPNuke Pool and News Modules are prone to an HTML injection vulnerability. This issue is due to a failure in the application modules to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-suppli...