Vulnerabilities > Francisco Burzi > PHP Nuke EV > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-16 | CVE-2006-0679 | SQL Injection vulnerability in Francisco Burzi PHP-Nuke EV 7.8 SQL injection vulnerability in index.php in the Your_Account module in PHP-Nuke 7.8 and earlier allows remote attackers to execute arbitrary SQL commands via the username variable (Nickname field). | 7.5 |
| 2006-01-11 | CVE-2006-0163 | SQL Injection vulnerability in Francisco Burzi PHP-Nuke EV 7.7R1 SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. | 7.5 |