251 matches found
PHP-Nuke 6.x - Category SQL Injection
PHP-Nuke 6.x - Category SQL Injection source: https://www.securityfocus.com/bid/9630/info It has been reported that PHPNuke may be prone to a SQL injection vulnerability, due to insufficient sanitization of user-supplied input. The problem is reported to exist in the $category variable contained within...
PHPNuke "Your Account" XSS Vulnerability
PHPNuke "Your Account" XSS Vulnerability. Vulnerable: Francisco Burzi PHP-Nuke...
PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting
PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting source: https://www.securityfocus.com/bid/7483/info Splatt Forum is a public message board plugin designed to be used with PHPNuke. It has been reported that Splatt Forum does not sufficiently filter user supplied URI parameters for the Spla...
PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting
source: https://www.securityfocus.com/bid/7483/info Splatt Forum is a public message board plugin designed to be used with PHPNuke. It has been reported that Splatt Forum does not sufficiently filter user supplied URI parameters for the Splatt Forum 'Search' function. As a result of this...
PHPNuke viewpage.php allows Remote File retrieving
viewpage.php is a part of PHPNuke. The Script allows an attacker to view all files on the System. Example: http://server.com/viewpage.php?file=/etc/passwd Zero X member of www.Lobnan.de...
PHP-Nuke 5.6/6.x News Module - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/7173/info It has been reported that an input validation error exists in the index.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to...
PHP-Nuke 5.56.0 AvantGo Module - Full Path Disclosure
PHP-Nuke 5.56.0 AvantGo Module - Full Path Disclosure source: https://www.securityfocus.com/bid/7078/info The AvantGo module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker may use the...
PHP-Nuke 5.5/6.0 News Module - Full Path Disclosure
source: https://www.securityfocus.com/bid/7079/info The News module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker may use the information gathered in this manner to mount further attacks...
PHP-Nuke Splatt Forum 3.2 Module - Full Path Disclosure
source: https://www.securityfocus.com/bid/7080/info The Splatt Forum module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker could use the information gathered in this manner to mount further...
PHP-Nuke 5.5/6.0 AvantGo Module - Full Path Disclosure
source: https://www.securityfocus.com/bid/7078/info The AvantGo module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker may use the information gathered in this manner to mount further attacks...
phpnuke60.txt
Information: Language : PHP Website : http://www.phpnuke.org Versions : 6.0 & 6.5? Modules : MembersList, YourAccount Problem : SQL Injection PHP Configuration : This will work if magic_quotes_gpc=OFF. PHP Code/Location: /modules/MembersList/index.php :...
PHPNuke SQL Injection
PHPNuke SQL Injection 2-18-2003 http://CGIshield.com How to steal the password hash of the Admin user on PHPnuke 6.0 & 5.6 windows+linux method 1 PHPnuke, a widely used open-source web portal system, has been found to contain a remotely exploitable SQL injection bug, which allows stealing of the...
PHP-Nuke 5.6/6.0 - Search Engine SQL Injection
source: https://www.securityfocus.com/bid/6887/info It has been reported that the search module distributed with PHPNuke is vulnerable to an SQL injection attack. PHPNuke, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries. As a result,...
PHP-Nuke 5.66.0 - Search Engine SQL Injection
PHP-Nuke 5.66.0 - Search Engine SQL Injection source: https://www.securityfocus.com/bid/6887/info It has been reported that the search module distributed with PHPNuke is vulnerable to an SQL injection attack. PHPNuke, in some cases, does not sufficiently sanitize user-supplied input which is used...
Multiple phpNuke Modules Vulnerable to Cross-Site Scripting
phpNuke Module Vulnerabilities Enable Identity Theft Systems Affected: phpNuke 6.5b1 and prior all operating systems Risk: High Impact: Identity Theft/Impersonation/Privilege Elevation Scenario: Cross-site scripting flaws enabling cookie theft Description phpNuke is a popular, and very complex...
Multiple XSS vulnerabilities in PHPNuke
Multiple XSS Vulnerabilities in PHPNuke 6.0 Summary: We have found 7 different cross-site-scripting vulnerabilities in PHPNuke 6.0 which allow for anyone to steal the authentication cookies from users and Administrators. Some of them include several ways...
XSS bug in PHPNuke 6.0
Vulnerable systems: PHPNuke 6.0 & maybe all Exploit: 1- go to http://traget/modules.php?name=Downloads&dop=search 2- put in form search this code : Scriptjavascript:alertdocument.cookie/Script 3- click "Search" without "" you can't use it an URL like this http://traget/modules.php?...
PHPNUKE 6 XSS Vulnerabilities
http://www.phpnuke.org/modules.php?name=Search Enter: scriptalertdocument.cookie;/script in form, click Search. Needless to say these bugs won't go away. The vendor WOULD HAVE been contacted if they just gave an email address without having to subscribe to nukesupport/phpnuke - maybe I don't use...
PHP-Nuke 6.0 - News Message HTML Injection
source: https://www.securityfocus.com/bid/5796/info Problems with PHPNuke could make it possible to execute arbitrary script code in a vulnerable client. PHPNuke does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contai...
PHP-Nuke 6.0 - 'modules.php' SQL Injection
source: https://www.securityfocus.com/bid/5799/info A SQL injection vulnerability has been discovered in PHPNuke. Due to insufficient sanitization of variables used in SQL queries, it is possible to modify the logic of SQL queries. This issue could result in a denial of service attack or the...