Vulnerabilities > Nukeai

DATE CVE VULNERABILITY TITLE RISK
2006-12-04 CVE-2006-6255 Remote Code Execution vulnerability in Nukeai 0.0.3Beta
Direct static code injection vulnerability in util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension in the filename parameter and code in the moreinfo parameter, which is saved to a filename under descriptions/, which is accessible via a direct request.
network
low complexity
nukeai
7.5
2006-12-01 CVE-2006-6202 Remote Code Execution vulnerability in Nukeai Beta0.0.3
PHP remote file inclusion vulnerability in modules/NukeAI/util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to execute arbitrary PHP code via a URL in the AIbasedir parameter.
network
low complexity
nukeai
7.5