Vulnerabilities > Myphpnuke

DATE CVE VULNERABILITY TITLE RISK
2008-09-15 CVE-2008-4092 SQL Injection vulnerability in Myphpnuke 1.8.87/1.8.88
SQL injection vulnerability in printfeature.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the artid parameter.
network
low complexity
myphpnuke CWE-89
7.5
7.5
2008-09-15 CVE-2008-4089 Cross-Site Scripting vulnerability in Myphpnuke 1.8.87/1.8.88
Cross-site scripting (XSS) vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
network
myphpnuke CWE-79
4.3
4.3
2008-09-15 CVE-2008-4088 SQL Injection vulnerability in Myphpnuke 1.8.87/1.8.88
SQL injection vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to execute arbitrary SQL commands via the sid parameter.
network
low complexity
myphpnuke CWE-89
7.5
7.5
2006-12-28 CVE-2006-6795 Remote File Include vulnerability in Myphpnuke MY Egallery 2.5.6
PHP remote file inclusion vulnerability in gallery/displayCategory.php in the My_eGallery 2.5.6 module in myPHPNuke (MPN) allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter.
network
low complexity
myphpnuke
7.5
7.5
2006-02-28 CVE-2006-0923 Cross-Site Scripting vulnerability in MyPHPNuke
Multiple cross-site scripting (XSS) vulnerabilities in MyPHPNuke (MPN) 1.88 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the letter parameter in reviews.php and (2) the dcategory parameter in download.php.
network
myphpnuke
4.3
4.3
2003-12-31 CVE-2003-1372 Cross-Site Scripting vulnerability in Myphpnuke 1.8.8
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters. 		4.3
4.3
2002-12-31 CVE-2002-1913 Unspecified vulnerability in Myphpnuke 1.8.8
phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable.
network
low complexity
myphpnuke
5.0
5.0