536 matches found
PostNuke Module v4bJournal - Remote SQL Injection Vulnerability
No description provided by source. ---------------------------------------- PostNuke Journal ---------------------------------------- DISCOVERED BY :Ali Abbasi Olom Fonon Mazandaran University - Security Research Center, Babol, Iran Greetz For All Y! UnderGround Group Members www.2600.ir Greetz F...
PHP XML-RPC Arbitrary Code Execution
No description provided by source. $Id: phpxmlrpceval.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...
PostNuke 0.6/0.7 web_links Module TTitle Cross-site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8374/info It has been reported that a cross site scripting vulnerability exists in the Downlaods and WebLinks modules of PostNuke. It is possible that an attacker may construct a link containing malicious script code that...
PostNuke 0.764 Module modload SQL Injection Vulnerability
No description provided by source. PostNuke 0.764 Module modload SQL Injection Vulnerability Author : BILGEKAGAN Homepage : http://www.1923turk.com Script : postnuke http://www.postnuke.com Download : http://www.postnuke.com/module-Content-view-pid-2.html Vulnerable File...
PostNuke 0.6x/0.7x Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18819/info PostNuke is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before displaying it to users of the application. An attacker may leverage these issu...
PHPNuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x modules.php Multiple Parameter XSS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3609/info PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page, 'user.php', which contains malicious script...
PostNuke Phoenix 0.760 RC3 Module Parameter Remote Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13076/info A remote cross-site scripting vulnerability affects PostNuke. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web conten...
PostNuke 0.6x/0.7x NS-Languages Module language Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16752/info PostNuke is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. Successful exploitation could allow an attacker to...
PostNuke <= 0.763 (PNSV lang) Remote Code Execution Exploit
No description provided by source. ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...
phProfession 2.5 upload.php Direct Request Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported. Exploitation o...
phProfession 2.5 modules.php offset Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported. Exploitation o...
PHPNuke 4.x/5.x Remote Arbitrary File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3889/info PHPNuke is a website creation/maintenance tool. The 'index.php' script has a feature which allows users to include files. Due to insufficent input validation, it is possible to include files located on a remote...
PostNuke Module pnEncyclopedia <= 0.2.0 - SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV90$2008 ----------------------------------------------------------------------------------------- ECHOADV90$2008 PostNuke Module pnEncyclopedia = 0.2.0 id Blind Sql Injection...
PostNuke 0.703 caselist Arbitrary Module Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4381/info PostNuke is a content management system originally forked from the PHP-Nuke project. It is implemented in PHP, and available for Windows, Linux and other Unix based systems. A vulnerability has been reported in...
Michael Schatz Books 0.54/0.6 PostNuke Module Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5882/info Books is a module written for PostNuke. Reportedly, Books is prone to cross site scripting attacks. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link containing HTML...
PostNuke Phoenix 0.760 RC3 OP Parameter Remote Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13075/info A remote cross-site scripting vulnerability affects PostNuke. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web conten...
PostNuke 0.76 RC4b Comments Module moderate Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14635/info PostNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input. This can lead to theft of cookie-based...
PostNuke 0.6/0.7 Downloads Module TTitle Cross-site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8374/info It has been reported that a cross site scripting vulnerability exists in the Downlaods and WebLinks modules of PostNuke. It is possible that an attacker may construct a link containing malicious script code that...
PostNuke 0.76 RC4b user.php htmltext Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14635/info PostNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input. This can lead to theft of cookie-based...
PostNuke 0.75/0.76 DL-viewdownload.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14636/info PostNuke is prone to an SQL injection vulnerability. This issue is due to a lack of sufficient sanitization of user-supplied input. Successful exploitation could result in a compromise of the application,...