Php-nuke@8.0 final Security Vulnerabilities and Issues — Php-nuke@8.0 final CVE List

Lucene search

Francisco BurziPhp-nuke8.0 final

3 matches found

cve•added 2007/02/22 12:28 a.m.•60 views

CVE-2007-1061

SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).

6.8CVSS8.4AI score0.56277EPSS

cve•added 2007/12/15 1:46 a.m.•39 views

CVE-2007-6376

Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filename parameter, a different vector than CVE-2006-4190. NOTE: the provenance of this information is unknown; the detail...

7.5CVSS6.8AI score0.00149EPSS

cve•added 2007/09/21 7:17 p.m.•36 views

CVE-2007-5032

Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.

5.1CVSS6.9AI score0.00014EPSS