Vulnerabilities > PHP Nuke > High

DATE CVE VULNERABILITY TITLE RISK
2009-09-14 CVE-2008-7226 SQL Injection vulnerability in PHP-Nuke Recipe Module 1.3/1.4
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter.
network
low complexity
php-nuke phpnuke CWE-89
7.5
7.5
2009-07-14 CVE-2008-6866 SQL Injection vulnerability in PHP-Nuke Current Issue Module
SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action.
network
low complexity
php-nuke CWE-89
7.5
7.5
2009-07-14 CVE-2008-6865 SQL Injection vulnerability in PHP-Nuke Sections Module
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
network
low complexity
php-nuke phpnuke CWE-89
7.5
7.5
2008-08-07 CVE-2008-3513 SQL Injection vulnerability in PHP Nuke Basis Consultant Book Catalog 1.0
SQL injection vulnerability in the Book Catalog module 1.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to modules.php.
network
low complexity
php-nuke CWE-89
7.5
7.5
2008-08-07 CVE-2008-3512 SQL Injection vulnerability in PHP Nuke Kleinanzeigen Module
SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php.
network
low complexity
php-nuke CWE-89
7.5
7.5
2008-02-25 CVE-2008-0934 SQL Injection vulnerability in multiple products
SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action.
network
low complexity
nukec php-nuke CWE-89
7.5
7.5
2008-02-22 CVE-2008-0922 SQL Injection vulnerability in PHP-Nuke Manuales 0.1
SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
network
low complexity
php-nuke CWE-89
7.5
7.5
2008-02-22 CVE-2008-0907 SQL Injection vulnerability in PHP-Nuke Inhalt Module
SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
network
low complexity
php-nuke CWE-89
7.5
7.5
2008-02-22 CVE-2008-0906 SQL Injection vulnerability in PHP-Nuke Module Docum
SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation.
network
low complexity
php-nuke CWE-89
7.5
7.5
2007-02-21 CVE-2007-1034 SQL Injection vulnerability in PHP-Nuke Emporium Module
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
network
low complexity
php-nuke CWE-89
7.5
7.5