PostNuke Phoenix 0.726 openwindow.php hlpfile Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10191/info Multiple vulnerabilities were reported to exist in PostNuke Phoenix. The following specific vulnerabilities were reported: - Multiple path disclosure vulnerabilities that occur when a user directly requests...

PostNuke Phoenix 0.7x CATID Parameter Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12683/info PostNuke Phoenix is reported prone to an SQL injection vulnerability. This issue arises due to insufficient sanitization of user-supplied input. It is reported that issue presents itself when malicious SQL synt...

PostNuke Phoenix 0.760 RC3 SID Parameter Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13077/info A remote SQL Injection vulnerability affects PostNuke Phoenix. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may...

PostNuke Phoenix 0.72x Rating System Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7702/info some submissions to the rating system. Because of this, a remote attacker may be able to submit a string that causes a denial of service to legitmate users...

PostNuke 0.72x Phoenix Glossary Module SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7697/info A vulnerability has been discovered in PostNuke Phoenix v0.723 and earlier. Specifically, the Glossary module fails to sufficiently sanitize user-supplied input, making it prone to SQL injection attacks...

PostNuke Phoenix 0.7x SHOW Parameter Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12684/info PostNuke Phoenix is reported prone to an SQL injection vulnerability. This issue arises due to insufficient sanitization of user-supplied input. It is reported that issue presents itself when malicious SQL synt...

Vulnerabilities in PostNuke Phoenix

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Insufficient Anti-automation и Cross-Site Scripting уязвимостях в PostNuke Phoenix. Insufficient Anti-automation: Уязвимость в user.php в модуле NS-NewUser...

PostNuke Phoenix 0.760 RC3 - SID SQL Injection

PostNuke Phoenix 0.760 RC3 - SID SQL Injection source: https://www.securityfocus.com/bid/13077/info A remote SQL Injection vulnerability affects PostNuke Phoenix. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An...

PostNuke Phoenix 0.760 RC3 - 'SID' SQL Injection

source: https://www.securityfocus.com/bid/13077/info A remote SQL Injection vulnerability affects PostNuke Phoenix. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may exploit this issue to manipulate SQL...

PostNuke Phoenix 0.7x - CATID SQL Injection

PostNuke Phoenix 0.7x - CATID SQL Injection source: https://www.securityfocus.com/bid/12683/info PostNuke Phoenix is reported prone to an SQL injection vulnerability. This issue arises due to insufficient sanitization of user-supplied input. It is reported that issue presents itself when maliciou...

PostNuke Phoenix 0.7x - 'CATID' SQL Injection

source: https://www.securityfocus.com/bid/12683/info PostNuke Phoenix is reported prone to an SQL injection vulnerability. This issue arises due to insufficient sanitization of user-supplied input. It is reported that issue presents itself when malicious SQL syntax is issued to the application...

PostNuke Phoenix 0.7x - 'SHOW' SQL Injection

source: https://www.securityfocus.com/bid/12684/info PostNuke Phoenix is reported prone to an SQL injection vulnerability. This issue arises due to insufficient sanitization of user-supplied input. It is reported that issue presents itself when malicious SQL syntax is issued to the application...

PostNuke Phoenix 0.7x - SHOW SQL Injection

PostNuke Phoenix 0.7x - SHOW SQL Injection source: https://www.securityfocus.com/bid/12684/info PostNuke Phoenix is reported prone to an SQL injection vulnerability. This issue arises due to insufficient sanitization of user-supplied input. It is reported that issue presents itself when malicious...

PostNuke Phoenix 0.726 - openwindow.php?hlpfile Cross-Site Scripting

PostNuke Phoenix 0.726 - openwindow.php?hlpfile Cross-Site Scripting source: https://www.securityfocus.com/bid/10191/info Multiple vulnerabilities were reported to exist in PostNuke Phoenix. The following specific vulnerabilities were reported: - Multiple path disclosure vulnerabilities that occu...

PostNuke 0.72x Phoenix Glossary Module - SQL Injection

PostNuke 0.72x Phoenix Glossary Module - SQL Injection source: https://www.securityfocus.com/bid/7697/info A vulnerability has been discovered in PostNuke Phoenix v0.723 and earlier. Specifically, the Glossary module fails to sufficiently sanitize user-supplied input, making it prone to SQL...

PostNuke Phoenix 0.72x - Rating System Denial of Service

PostNuke Phoenix 0.72x - Rating System Denial of Service source: https://www.securityfocus.com/bid/7702/info some submissions to the rating system. Because of this, a remote attacker may be able to submit a string that causes a denial of service to legitmate users...

PostNuke Phoenix 0.72x - Rating System Denial of Service

source: https://www.securityfocus.com/bid/7702/info some submissions to the rating system. Because of this, a remote attacker may be able to submit a string that causes a denial of service to legitmate users...