Filtered by vendor Php-nuke
Subscribe
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0906 | 1 Php-nuke | 1 Php-nuke Module Docum | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation. | |||||
| CVE-2008-0922 | 1 Php-nuke | 1 Manuales | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php. | |||||
| CVE-2008-0934 | 2 Nukec, Php-nuke | 2 Nukec, Nukec Module | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action. | |||||
| CVE-2008-3573 | 2 Php-nuke, Pligg | 2 Php-nuke, Pligg | 2017-08-07 | 5.0 MEDIUM | N/A |
| The CAPTCHA implementation in (1) Pligg 9.9.5 and possibly (2) Francisco Burzi PHP-Nuke 8.1 provides a critical random number (the ts_random value) within the URL in the SRC attribute of an IMG element, which allows remote attackers to pass the CAPTCHA test via a calculation that combines this value with the current date and the HTTP User-Agent string. | |||||
| CVE-2006-0185 | 1 Php-nuke | 2 News Module, Pool Module | 2011-03-07 | 5.0 MEDIUM | N/A |
| Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) News Modules in Php-Nuke allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag. | |||||