Vulnerabilities > Nuked Klan > Nuked Klan > 1.5.sp2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-05 | CVE-2007-0083 | Unspecified vulnerability in Nuked-Klan Cross-site scripting (XSS) vulnerability in Nuked Klan 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a getURL statement in a .swf file, as demonstrated by "Remote Cookie Disclosure." NOTE: it could be argued that this is an issue in Shockwave instead of Nuked Klan. network nuked-klan | 6.8 |
2006-03-28 | CVE-2006-1419 | SQL Injection vulnerability in Nuked-Klan SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php. | 5.0 |
2004-12-31 | CVE-2004-1937 | Multiple vulnerability in Nuked-Klan Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and 1.5b allow remote attackers to read or include arbitrary files via .. | 5.0 |