Postnuke@0.762 Security Vulnerabilities and Issues — Postnuke@0.762 CVE List

Lucene search

Postnuke Software FoundationPostnuke0.762

3 matches found

CVE•added 2006/11/06 6:7 p.m.•36 views

CVE-2006-5733

Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then incl...

7.5CVSS7.5AI score0.07826EPSS

CVE•added 2006/12/02 11:28 a.m.•32 views

CVE-2006-6233

SQL injection vulnerability in the Downloads module for unknown versions of PostNuke allows remote attackers to execute arbitrary SQL commands via the lid parameter in a viewdownloaddetails operation. NOTE: this issue might have been in the viewdownloaddetails function in dl-downloaddetails.php, bu...

7.5CVSS8.8AI score0.00468EPSS

CVE•added 2006/10/03 4:3 a.m.•27 views

CVE-2006-5121

SQL injection vulnerability in modules/Downloads/admin.php in the Admin section of PostNuke 0.762 allows remote attackers to execute arbitrary SQL commands via the hits parameter.

7.5CVSS8.3AI score0.00785EPSS