Vulnerabilities > PHP Nuke
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-02-22 | CVE-2008-0922 | SQL Injection vulnerability in PHP-Nuke Manuales 0.1 SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php. | 7.5 |
2008-02-22 | CVE-2008-0907 | SQL Injection vulnerability in PHP-Nuke Inhalt Module SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2008-02-22 | CVE-2008-0906 | SQL Injection vulnerability in PHP-Nuke Module Docum SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation. | 7.5 |
2007-06-21 | CVE-2007-3332 | Local File Include vulnerability in Satel Lite Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. | 5.0 |
2007-04-10 | CVE-2007-1934 | Local File Include vulnerability in PHP-Nuke Eboard Module 1.0.7 Directory traversal vulnerability in member.php in the eBoard 1.0.7 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. network php-nuke | 6.8 |
2007-03-23 | CVE-2007-1626 | Remote File Include vulnerability in PHP-Nuke IFrame Module IFrame.PHP PHP remote file inclusion vulnerability in iframe.php in the iFrame Module for PHP-NUKE allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | 9.3 |
2007-02-21 | CVE-2007-1034 | SQL Injection vulnerability in PHP-Nuke Emporium Module SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | 7.5 |
2006-12-01 | CVE-2006-6217 | Remote Security vulnerability in PHP-Nuke Mermaid Module 1.2 PHP remote file inclusion vulnerability in formdisp.php in the Mermaid 1.2 module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the module_name parameter. | 7.5 |
2006-08-17 | CVE-2006-4190 | Local File Include vulnerability in PHP-Nuke Autohtml Module 2.0 Directory traversal vulnerability in autohtml.php in the AutoHTML module for PHP-Nuke allows local users to include arbitrary files via a .. | 2.1 |
2006-08-01 | CVE-2006-3948 | Cross-Site Scripting vulnerability in PHPNuke INP Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke INP allows remote attackers to inject arbitrary web script or HTML via the query parameter. network php-nuke | 4.3 |