PHPNuke AddOn PHPToNuke.PHP 1.0 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3807/info phptonuke.php is a PHPNuke AddOn script to insert a PHP script into the middle of a PHPNuke site. It is written and maintained by Lebios. It is possible for a malicious user to create a link to the phptonuke.php...

PHP-Nuke 7.8 - SQL Injection / Remote Command Execution Exploit

No description provided by source. ?php 20.05 23/10/2005 ---phpnuke78xpl.php PHPNuke 7.8 with all security fixes/patches Downloads,WebLinks & YourAccount modules SQL Injection / remote commands execution exploit yet not tested 7.9, but OK... by rgod site: http://rgod.altervista.org make these...

PHPNuke 5.6/6.x Banners.PHP Banner Manager Password Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7170/info It has been reported that an input validation error exists in the banners.php file included with PHPNuke. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker ...

PHPNuke 6.0 News Message HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5796/info Problems with PHPNuke could make it possible to execute arbitrary script code in a vulnerable client. PHPNuke does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a use...

PHPNuke 5.6/6.x News Module Article.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7172/info It has been reported that an input validation error exists in the article.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious string through PHPNuke tha...

PHPNuke 5.5/6.0 AvantGo Module Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7078/info The AvantGo module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker may use the information gathered in this...

PHPNuke Splatt Forum 3.2 Module Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7080/info The Splatt Forum module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker could use the information gathered ...

WarpSpeed 4nAlbum Module 0.92 displaycategory.php basepath Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is an information disclosure issue with the...

PHP-Nuke 7.4 - Admin Exploit

No description provided by source. / old exploit but what pretty code /str0ke / / phpNUKE v7.4 exploit this exploit create new admin with relative passwd that you specified on parameter of exploit you take administrative control of the webPortal Reverences: http://www.osvdb.org/9563 coded by:...

PHPNuke 5.6/6.0 Search Engine SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6887/info It has been reported that the search module distributed with PHPNuke is vulnerable to an SQL injection attack. PHPNuke, in some cases, does not sufficiently sanitize user-supplied input which is used when...

PHPNuke Modules.PHP Search Module Remote Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15137/info PHPNuke Search Module is prone to a directory traversal vulnerability. This is due to a lack of proper sanitization of user-supplied input. A remote attacker may view files that are only intended to be accessib...

Coppermine Photo Gallery <= 1.2.2b (Nuke Addon) Include Vulnerability

No description provided by source. ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Coppermine Photo Gallery v1.2.2b for PHPNUKE THEMEDIR Remote File...

PHPNuke 6.0/6.5 Search Form Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5788/info PHPNuke 6.0 is prone to cross-site scripting attacks. HTML tags are not filtered from links to the 'modules.php' script. Reportedly, the problem lies in the 'Search' page of the 'modules.php' script. It is...

PHPNuke 4.x/5.x Remote Arbitrary File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3889/info PHPNuke is a website creation/maintenance tool. The 'index.php' script has a feature which allows users to include files. Due to insufficent input validation, it is possible to include files located on a remote...

PHPOpenChat 2.3.4/3.0.1 PoC.php Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/12817/info PHPOpenChat is prone to multiple remote file-include vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the...

PHPNuke 5.6/6.x News Module Index.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7173/info It has been reported that an input validation error exists in the index.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious string through PHPNuke that...

PHPNuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x user.php uname Parameter XSS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3609/info PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page, 'user.php', which contains malicious script...

PHPNuke 6.0 Modules.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5799/info A SQL injection vulnerability has been discovered in PHPNuke. Due to insufficient sanitization of variables used in SQL queries, it is possible to modify the logic of SQL queries. This issue could result in a...

PHPNuke 6.0/6.5 Forum Module Viewforum.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7194/info It has been reported that an input validation error exists in the 'viewforum.php' script included with PHPNuke as part of the Forum module. Because of this, an attacker could send a malicious string through...

PHPnuke 8.2 - Remote Upload File Exploit

Title : PHPnuke 8.2 Remote Upload File Exploit Author : Net.Edit0r Location : Iran Dork : "POWERED BY PHPNUKE.IR" Category : Remote Email : [email protected] [email protected] Special Thanks To :NetQurd For help in finding bugs Email :[email protected] InformatioN 1.Save code html format ...