Php-nuke@6.7 Security Vulnerabilities and Issues — Php-nuke@6.7 CVE List

Lucene search

Francisco BurziPhp-nuke6.7

3 matches found

CVE•added 2004/11/23 5:0 a.m.•44 views

CVE-2004-0269

SQL injection vulnerability in PHP-Nuke 6.9 and earlier, and possibly 7.x, allows remote attackers to inject arbitrary SQL code and gain sensitive information via (1) the category variable in the Search module or (2) the admin variable in the Web_Links module.

6.4CVSS7.4AI score0.00115EPSS

CVE•added 2004/11/23 5:0 a.m.•41 views

CVE-2004-0265

Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote attackers to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules.

6.8CVSS6.6AI score0.10468EPSS

CVE•added 2004/11/23 5:0 a.m.•37 views

CVE-2004-0266

SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote attackers to obtain the administrator password via the c_mid parameter.

5CVSS7.5AI score0.00026EPSS