Php-nuke@7.7 Security Vulnerabilities and Issues — Php-nuke@7.7 CVE List

Lucene search

Francisco BurziPhp-nuke7.7

4 matches found

CVE•added 2006/11/04 1:7 a.m.•40 views

CVE-2006-5720

SQL injection vulnerability in modules/journal/search.php in the Journal module in Francisco Burzi PHP-Nuke 7.9 and earlier allows remote attackers to execute arbitrary SQL commands via the forwhat parameter.

7.5CVSS8.4AI score0.00186EPSS

CVE•added 2006/02/21 2:2 a.m.•37 views

CVE-2006-0805

The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote attackers to bypass CAPTCHA controls by fixing the User Agent, performing a valid challenge/response, then replaying t...

7.5CVSS6.7AI score0.01759EPSS

CVE•added 2006/02/13 10:2 p.m.•33 views

CVE-2006-0676

Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 to 7.8 allows remote attackers to inject arbitrary web script or HTML via the pagetitle parameter.

4.3CVSS5.7AI score0.04845EPSS

CVE•added 2006/12/01 1:28 a.m.•32 views

CVE-2006-6200

Multiple SQL injection vulnerabilities in the (1) rate_article and (2) rate_complete functions in modules/News/index.php in the News module in Francisco Burzi PHP-Nuke 7.9 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the sid parameter.

7.5CVSS8.9AI score0.00264EPSS