Php-nuke@7.1 Security Vulnerabilities and Issues — Php-nuke@7.1 CVE List

Lucene search

Francisco BurziPhp-nuke7.1

2 matches found

CVE•added 2004/11/23 5:0 a.m.•41 views

CVE-2004-0265

Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote attackers to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules.

6.8CVSS6.6AI score0.10468EPSS

CVE•added 2004/11/23 5:0 a.m.•37 views

CVE-2004-0266

SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote attackers to obtain the administrator password via the c_mid parameter.

5CVSS7.5AI score0.00026EPSS