Php-nuke@* Security Vulnerabilities and Issues — Php-nuke@* CVE List

Lucene search

Francisco BurziPhp-nuke*

3 matches found

CVE•added 2007/02/22 12:28 a.m.•59 views

CVE-2007-1061

SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).

6.8CVSS8.4AI score0.56277EPSS

CVE•added 2007/01/18 12:28 a.m.•38 views

CVE-2007-0309

SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter.

7.5CVSS8.4AI score0.34572EPSS

CVE•added 2007/09/21 7:17 p.m.•35 views

CVE-2007-5032

Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.

5.1CVSS6.9AI score0.00014EPSS