Vulnerabilities > Phpnuke

DATE CVE VULNERABILITY TITLE RISK
2021-04-07 CVE-2021-30177 SQL Injection vulnerability in PHPnuke PHP-Nuke 8.3.3
There is a SQL Injection vulnerability in PHP-Nuke 8.3.3 in the User Registration section, leading to remote code execution.
network
low complexity
phpnuke CWE-89
7.5
2014-06-02 CVE-2014-3934 SQL Injection vulnerability in PHPnuke PHP-Nuke and Submit News Module
SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics[] parameter to modules.php.
network
low complexity
phpnuke CWE-89
7.5
2012-02-14 CVE-2010-5083 SQL Injection vulnerability in PHPnuke PHP-Nuke and web Links Module
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
network
low complexity
phpnuke CWE-89
7.5
2011-09-24 CVE-2011-3784 Information Exposure vulnerability in PHPnuke PHP-Nuke 8.0
Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files.
network
low complexity
phpnuke CWE-200
5.0
2009-09-14 CVE-2008-7226 SQL Injection vulnerability in PHP-Nuke Recipe Module 1.3/1.4
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter.
network
low complexity
php-nuke phpnuke CWE-89
7.5
2009-08-24 CVE-2008-7038 SQL Injection vulnerability in Maxdev MY Egallery
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php.
network
low complexity
phpnuke maxdev CWE-89
7.5
2009-07-14 CVE-2008-6865 SQL Injection vulnerability in PHP-Nuke Sections Module
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
network
low complexity
php-nuke phpnuke CWE-89
7.5
2009-06-01 CVE-2009-1842 SQL Injection vulnerability in PHPnuke PHP-Nuke 8.0
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header.
network
low complexity
phpnuke CWE-89
7.5
2009-05-01 CVE-2008-6779 SQL Injection vulnerability in PHPnuke Sarkilar Module
SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.
network
low complexity
phpnuke CWE-89
7.5
2009-04-20 CVE-2008-6728 SQL Injection vulnerability in PHPnuke PHP-Nuke
SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
network
low complexity
phpnuke CWE-89
7.5