Vulnerabilities > Nuked Klan > Nuked Klan > 1.3.beta
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-01 | CVE-2008-7132 | Cross-Site Scripting vulnerability in Nuked-Klan 1.3Beta Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1.3 beta allows remote attackers to inject arbitrary web script or HTML via the nuked_nude parameter. | 4.3 |
2007-01-05 | CVE-2007-0083 | Unspecified vulnerability in Nuked-Klan Cross-site scripting (XSS) vulnerability in Nuked Klan 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a getURL statement in a .swf file, as demonstrated by "Remote Cookie Disclosure." NOTE: it could be argued that this is an issue in Shockwave instead of Nuked Klan. network nuked-klan | 6.8 |
2006-03-28 | CVE-2006-1419 | SQL Injection vulnerability in Nuked-Klan SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php. | 5.0 |
2004-12-31 | CVE-2004-1937 | Multiple vulnerability in Nuked-Klan Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and 1.5b allow remote attackers to read or include arbitrary files via .. | 5.0 |
2003-12-31 | CVE-2003-1371 | Cross-Site Scripting vulnerability in Nuked-Klan 1.3Beta Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules. | 4.3 |
2003-12-31 | CVE-2003-1238 | Cross-Site Scripting vulnerability in Nuked-Klan Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules. network nuked-klan | 5.8 |