Php-nuke Security Vulnerabilities and Issues — Php-nuke CVE List

Lucene search

PhpnukePhp-nuke

4 matches found

CVE•added 2007/08/08 2:17 a.m.•49 views

CVE-2007-4212

Multiple cross-site scripting (XSS) vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "" in (1) the onerror attribute of an IMG element, (2) the onload attribute of an IFRAME element, or (3) redirect users to other sites vi...

4.3CVSS5.7AI score0.00285EPSS

CVE•added 2007/03/14 6:19 p.m.•39 views

CVE-2007-1449

Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.

4.3CVSS6.7AI score0.00344EPSS

CVE•added 2011/06/21 2:52 a.m.•37 views

CVE-2011-1481

Multiple cross-site scripting (XSS) vulnerabilities in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) sender_name or (2) sender_email parameter in a Feedback action to modules.php.

4.3CVSS5.9AI score0.00254EPSS

CVE•added 2007/03/20 8:19 p.m.•33 views

CVE-2007-1519

Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-3948.

4.3CVSS5.6AI score0.03175EPSS