Lucene search
K
PhpnukePhp-nuke

4 matches found

CVE
CVE
added 2007/08/08 1:52 a.m.60 views

CVE-2007-4212

CVE-2007-4212 concerns multiple XSS flaws in the PHP-Nuke Search Module. The vulnerabilities allow remote attackers to inject arbitrary script/HTML by supplying a trailing “” in: (1) the onerror attribute of IMG, (2) the onload attribute of IFRAME, or (3) redirect via the META tag. Affected softw...

4.3CVSS5.7AI score0.01028EPSS
CVE
CVE
added 2011/06/21 1:0 a.m.58 views

CVE-2011-1481

CVE-2011-1481 affects PHP-Nuke 8.0 and earlier. The vulnerability is multiple cross-site scripting (XSS) in the Feedback action of modules.php, exploitable via the sender_name or sender_email parameters. Impact described as allowing remote attackers to inject arbitrary web script or HTML. NVD met...

4.3CVSS5.9AI score0.01089EPSS
CVE
CVE
added 2007/03/14 6:0 p.m.51 views

CVE-2007-1449

CVE-2007-1449 affects PHP-Nuke 8.0 and earlier. A directory-traversal flaw in mainfile.php allows remote attackers to read arbitrary files by supplying ".." in the lang parameter, enabling partial confidentiality impact. Root cause: insufficient input validation in the lang parameter. The connect...

4.3CVSS6.7AI score0.01268EPSS
CVE
CVE
added 2007/03/20 8:0 p.m.45 views

CVE-2007-1519

PHP-Nuke (versions 8.0 and earlier) is affected by a cross-site scripting (XSS) issue in modules.php, exploitable via the query parameter in the Downloads module search. This is a remote XSS vulnerability in PHP-Nuke INP/Downloads search path; the exact root cause is a failure to sanitize input i...

4.3CVSS5.6AI score0.01125EPSS