CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

251 matches found

exploitpack•added 2002/09/25 12:0 a.m.•13 views

PHP-Nuke 6.0 - News Message HTML Injection

PHP-Nuke 6.0 - News Message HTML Injection source: https://www.securityfocus.com/bid/5796/info Problems with PHPNuke could make it possible to execute arbitrary script code in a vulnerable client. PHPNuke does not sufficiently filter potentially malicious HTML code from news posts. As a result,...

Exploit DB•added 2002/09/24 12:0 a.m.•18 views

PHP-Nuke 6.0/6.5 - Search Form Cross-Site Scripting

source: https://www.securityfocus.com/bid/5788/info PHPNuke 6.0 is prone to cross-site scripting attacks. HTML tags are not filtered from links to the 'modules.php' script. Reportedly, the problem lies in the 'Search' page of the 'modules.php' script. It is possible for a malicious attacker to...

CERT•added 2002/09/24 12:0 a.m.•44 views

PHPNuke 'admin.php' script does not adequately authenticate users, thereby allowing malicious user to copy, move, or upload files

Overview PHPNuke's "admin.php" script does not properly authenticate users of its filemanager capabilities. Attackers may exploit this vulnerability to copy, move, or upload files. Description PHPNuke is a set of PHP scripts designed to simplify website creation and maintenance. The "admin.php"...

7.5CVSS6.4AI score0.23192EPSS

Exploits1References4

securityvulns•added 2002/04/24 12:0 a.m.•41 views

Crossite scripting in PHPNuke/PostNUKE

No description provided...

Exploits0References12Affected Software1

securityvulns•added 2002/04/04 12:0 a.m.•34 views

Security bugs in PhpNuke

Hello, I found 2 security bugs in phpnuke The first is a path disclosure vulnerability : Change this http://nukesite.xxx/modules.php?op=modload&name=WebLinks&file=index&lop=viewlink&cid=3 in that ... http://nukesite.xxx/modules.php?op=modload&name=WebLinks&file=index&lop=viewlink The second one i...

Exploit DB•added 2002/01/18 12:0 a.m.•37 views

PHP-Nuke 4.x/5.x - SQL_Debug Information Disclosure

source: https://www.securityfocus.com/bid/3906/info PHPNuke is a website creation/maintenance tool. It is can be back-ended by a number of database products such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. The sqllayer.php script contains a debugging feature that may be used by attackers ...

exploitpack•added 2002/01/18 12:0 a.m.•19 views

PHP-Nuke 4.x5.x - SQL_Debug Information Disclosure

PHP-Nuke 4.x5.x - SQLDebug Information Disclosure source: https://www.securityfocus.com/bid/3906/info PHPNuke is a website creation/maintenance tool. It is can be back-ended by a number of database products such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. The sqllayer.php script contains ...

securityvulns•added 2002/01/08 12:0 a.m.•39 views

CSS in PHPNuke add-on

/phptonuke.php?filnavn=scriptalert document.cookie/script " and ' aren't authorized...

Exploit DB•added 2002/01/06 12:0 a.m.•29 views

PHP-Nuke AddOn PHPToNuke.php 1.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/3807/info phptonuke.php is a PHPNuke AddOn script to insert a PHP script into the middle of a PHPNuke site. It is written and maintained by Lebios. It is possible for a malicious user to create a link to the phptonuke.php script which contains script code...

exploitpack•added 2002/01/06 12:0 a.m.•12 views

PHP-Nuke AddOn PHPToNuke.php 1.0 - Cross-Site Scripting

PHP-Nuke AddOn PHPToNuke.php 1.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3807/info phptonuke.php is a PHPNuke AddOn script to insert a PHP script into the middle of a PHPNuke site. It is written and maintained by Lebios. It is possible for a malicious user to create a lin...

securityvulns•added 2001/12/20 12:0 a.m.•20 views

PHPNuke 5 Cross Scripting

This is a forward of frog-m@n posting to Vuln-Dev. Here a few holes that i've found in PHPNuke. 5 "Cross Site Scripting". http://phpnuke.org/modules.php? name=Downloads&dop=viewdownloaddetails&lid=0 2&ttitle=JAVASCRIPT http://phpnuke.org/modules.php? name=Downloads&dop=ratedownload&lid=118&ttitle...

securityvulns•added 2001/12/18 12:0 a.m.•45 views

Phpnuke module.php vulnerability and php error_reporting issue

Phpnuke module.php vulnerability and PHP errorreporting issue on 16 december by Cabezon Aurйlien | [email protected] As you know, there are many Cross site scripting issue on Phpnuke modules and other web application using PHP. There is a cross site scripting issue cause : 1 there ...

securityvulns•added 2001/12/17 12:0 a.m.•23 views

Re: PHPNuke holes

Another One: /modules.php?op=modload&name=WebLinks&file=index&lop=ratelink&lid=126&ttitle=script Let's party tonite = -- rolphin...

securityvulns•added 2001/12/17 12:0 a.m.•35 views

PHPNuke Cross Scripting...

Here a few holes that i've found in PHPNuke. 5 "Cross Site Scripting". http://phpnuke.org/modules.php? name=Downloads&dop=viewdownloaddetails&lid=0 2&ttitle=JAVASCRIPT http://phpnuke.org/modules.php? name=Downloads&dop=ratedownload&lid=118&ttitle =JAVASCRIPT http://phpnuke.org/modules.php?...

securityvulns•added 2001/12/17 12:0 a.m.•28 views

Security hole in IMessenger ( PHP-Nuke )

There is a big hole in imessenger im.php. He accept javascript... if I send scriptwindow.location.href='http://www. SERVER.com/im.php?usernameto= MYNICK &subject='+ document.cookie +'&message=message&action=send' ;/script without '' to the admin, he send his cookie. PHPNuke has been alerted...

Exploit DB•added 2001/12/03 12:0 a.m.•31 views

PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - 'modules.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/3609/info PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page, 'user.php', which contains malicious script code. When the link is clicked by...

Exploit DB•added 2001/12/03 12:0 a.m.•34 views

PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - 'user.php?uname' Cross-Site Scripting

source: https://www.securityfocus.com/bid/3609/info PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page, 'user.php', which contains malicious script code. When the link is clicked by...

securityvulns•added 2001/12/03 12:0 a.m.•22 views

Phpnuke Cross site scripting vulnerability

Hi nuke webmasters, Phpnuke cross site scripting vulnerability Affected version : 5.3.1 and prior perhaps other...perhaps all PostNuke affected too. No more explanation, it is enough with cross site scripting...i'm bored with CSS vuln ;...

exploitpack•added 2001/12/03 12:0 a.m.•23 views

PHP-Nuke 1.02.53.04.x5.x6.x7.x - user.php?uname Cross-Site Scripting

PHP-Nuke 1.02.53.04.x5.x6.x7.x - user.php?uname Cross-Site Scripting source: https://www.securityfocus.com/bid/3609/info PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page,...

Packet Storm•added 2001/11/22 12:0 a.m.•23 views

php-nuke.5.1.txt

PhpNuke Admin password can be stolen ! by Cabezon Aurélien | [email protected] http://www.isecurelabs.com/article.php?sid=229 FR VERSION + screen shot Vulnerable : PhpNuke 5.1 Other version : not tested PostNuke : not tested 1 Introduction I have found a way to stole PhpNuke Admin...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by