Php-nuke@6.0 Security Vulnerabilities and Issues — Php-nuke@6.0 CVE List

Lucene search

Francisco BurziPhp-nuke6.0

3 matches found

CVE•added 2006/02/21 2:2 a.m.•37 views

CVE-2006-0805

The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote attackers to bypass CAPTCHA controls by fixing the User Agent, performing a valid challenge/response, then replaying t...

7.5CVSS6.7AI score0.01759EPSS

CVE•added 2006/02/13 10:2 p.m.•33 views

CVE-2006-0676

Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 to 7.8 allows remote attackers to inject arbitrary web script or HTML via the pagetitle parameter.

4.3CVSS5.7AI score0.04845EPSS

CVE•added 2006/12/02 11:28 a.m.•32 views

CVE-2006-6234

Multiple SQL injection vulnerabilities in the Content module in PHP-Nuke 6.0, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via (1) the cid parameter in a list_pages_categories action or (2) the pid parameter in a showpage action.

7.5CVSS8.9AI score0.00939EPSS