SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   


View Topics  >  Target  >  PHP-Nuke

Jan 15 2007   PHP-Nuke Input Validation Flaw in 'block-Old_Articles.php' Lets Remote Users Inject SQL Commands
Nov 24 2006   PHP-Nuke Input Validation Flaw in News Module in 'sid' Parameter Lets Remote Users Inject SQL Commands
Feb 21 2006   PHP-Nuke Input Validation Hole in Search Module Lets Remote Users Inject SQL Commands
Nov 15 2005   PHP-Nuke Input Validation Error in Search Module Lets Remote Users Inject SQL Commands
Oct 19 2005   PHP-Nuke Input Validation Errors in 'modules.php' Lets Remote Users Traverse the Directory
Jun 27 2005   PHP-Nuke Input Validation Hole in Offsite Avatar Image Parameter Permits Cross-Site Scripting Attacks
Apr 15 2005   PHP-Nuke Input Validation Hole in Surveys Module Permits HTTP Response Splitting Attacks
Apr 4 2005   PHP-Nuke Input Validation Flaws in Search, FAQ, and Banners Modules Permit Cross-Site Scripting Attacks
Feb 15 2005   PHP-Nuke Input Validation Holes in Downloads 'newdownloadshowdays' and Web Links 'newlinkshowdays' Permit Cross-Site Scripting Attacks
Sep 5 2004   PHP-Nuke 'admin.php' Authentication Flaw Lets Remote Users View Information and Delete Administrative Accounts
Sep 5 2004   PHP-Nuke Authentication Flaw in 'admin.php' Lets Remote Users Gain Administrative Privileges
Aug 11 2004   PHP-Nuke Input Validation Error in Search Box of Several Modules Permits Cross-Site Scripting Attacks
Jul 18 2004   PHP-Nuke Input Validation Error in Search Module 'categ' Variable Permits SQL Injection
Jul 17 2004   PHP-Nuke Input Validation Hole in 'instory' in Search Module Lets Remote Users Inject SQL Commands
Jun 23 2004   PHP-Nuke Input Validation Holes in Jounal and Other Modules Let Remote Users Inject SQL Commands and Conduct Cross-Site Scripting Attacks
Jun 11 2004   PHP-Nuke Input Validation Holes in Reviews, Encyclopedia, and Faq Modules Permit Cross-Site Scripting and Other Attacks
Jun 8 2004   PHP-Nuke Input Validation Hole in Reviews Module 'id' and 'title' Parameter Permits Cross-Site Scripting Attacks
Jun 1 2004   PHP-Nuke Security Check Can By Bypassed Letting Remote Users Determine Installation Path
Jun 1 2004   PHP-Nuke 'mainfile.php' Lets Local Users Execute Arbitrary SQL Queries
May 18 2004   PHP-Nuke $modpath Include File Flaw May Let Remote Users Execute Arbitrary Commands in Certain Cases
May 18 2004   PHP-Nuke Input Validation Flaw in Union Tap Prevention Feature Permits Cross-Site Scripting Attacks
May 5 2004   PHP-Nuke Input Validation Bugs in 'sid' Variable in 'Downloads' Module Permits SQL Injection and Cross-Site Scripting Attacks
Apr 13 2004   PHP-Nuke 'auth.php' Input Validation Error Lets Remote Users Bypass Authentication and Execute Admin-Level PHP-Nuke Commands
Apr 13 2004   PHP-Nuke 'modules.php' Input Validation Error Lets Remote Users Bypass Authentication and Execute User-Level PHP-Nuke Commands
Apr 12 2004   PHP-Nuke cookiedecode() Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks
Mar 16 2004   PHP-Nuke Input Validation Holes in Feedback, Downloads, Journal, and Other Modules Permit Cross-Site Scripting Attacks
Feb 10 2004   PHP-Nuke Search and Web_links Modules Permit Remote SQL Injection
Feb 10 2004   PHP-Nuke Public Message Input Validation Flaw Lets Remote Users Inject SQL Commands
Feb 10 2004   PHP-Nuke Input Validation Holes in 'News/friend' and 'Reviews' Modules Permit Cross-Site Scripting Attacks
Feb 2 2004   PHP-Nuke Input Validation Flaws in 'Downloads' and 'Sections' Permits SQL Injection
Dec 27 2003   PHP-Nuke Surveys Module Input Validation Flaw Permits SQL Injection
Oct 8 2003   PHP-Nuke 'modules.php' Input Validation Flaw in 'cid' Variable Lets Remote Users Inject SQL Commands
Oct 5 2003   PHP-Nuke 'mailattach.php' Input Validation Flaw Lets Remote Users Upload Arbitrary Files and Execute Them
May 18 2003   PHP-Nuke Input Validation Flaws in Several Modules (Sections, AvantGo, Surveys, Downloads, Reviews, Web_Links) Let Remote Users Inject SQL Commands
Apr 29 2003   PHP-Nuke HTML Tag Style Input Validation Flaws Allow Cross Site Scripting Attacks
Mar 25 2003   PHP-Nuke Input Validation Flaw in 'viewpage.php' Discloses Files on the System to Remote Users
Feb 3 2003   PHP-Nuke Input Validation Hole in Avatar Image Lets Remote Users Conduct Cross-Site Scripting Attacks
Dec 31 2002   PHP-Nuke Input Validation Flaw in New User Registration Signature Field Lets Remote Users Conduct Cross-Site Scripting Attacks
Dec 23 2002   PHP-Nuke Discloses Installation Path to Remote Users
Dec 20 2002   PHP-Nuke Mail Feature CR-LF Injection Bug Lets Remote Users Send E-mail Via the System
Nov 24 2002   PHP-Nuke Input Validation Holes in Search Module and Other Modules Allow Cross-Site Scripting Attacks
Nov 1 2002   PHP-Nuke SQL Injection Bug in 'modules.php' in the 'bio' Field Lets Remote Users Execute SQL Commands
Oct 10 2002   PHP-Nuke Multiple Input Validation Flaws Let Remote Users Conduct Cross-Site Scripting Attacks
Sep 25 2002   PHP-Nuke Input Filtering Hole in 'modules.php' Search Feature Permits Cross-Site Scripting Attacks Against PHP-Nuke Users
Apr 25 2002   More PHP-Nuke Input Filtering Bugs Let Remote Users Conduct Cross-Site Scripting Attacks Against Other Users
Apr 4 2002   PHP-Nuke Lets Remote Users Conduct Cross-Site Scripting Attacks Against PHP-Nuke Site Users
Mar 11 2002   PHP-Nuke Cross-site Scripting Flaw in Private Messages Lets Remote Users Steal PHP-Nuke User Cookies
Jan 16 2002   PHP-Nuke Index.php File Inclusion Bug Allows a Remote User to Specify and Execute Remotely Stored PHP Scripts on the PHP-Nuke Server
Dec 24 2001   PHP-Nuke 'friend.php' Module Allows Cross-Site Scripting Attacks
Dec 16 2001   PHP-Nuke 'modules.php', 'submit.php', and 'user.php' Input Validation Flaws Allow Cross-Site Scripting Attacks
Dec 3 2001   PHP-Nuke Displays User-Supplied HTML Without Escaping The Code, Facilitating Cross-Site Scripting Attacks
Nov 22 2001   PHP-Nuke Discloses Administrator Password in Authentication Cookie
Nov 8 2001   (Additional Vulnerability Information is Provided) Re: PHP-Nuke Lets Remote Users Upload Files to the Server and Copy Files on the Server, Yielding User Level Access on the Server
Sep 28 2001   PHP-Nuke Lets Remote Users Upload Files to the Server and Copy Files on the Server, Yielding User Level Access on the Server
Aug 11 2001   Several Bugs in PHP-Nuke Let Remote Users Take Administrative Control of the Web Portal or Cause the Site to Crash
Apr 5 2001   (Fix is Available) Re: PHP-Nuke May Allow Remote Unauthorized Changes to the URL Banner
Apr 3 2001   PHP-Nuke May Allow Remote Unauthorized Changes to the URL Banner
Mar 26 2001   PHP-Nuke May Execute A Local User's Arbitrary Code
Mar 2 2001   PHP-Nuke Web Site Management Software Allows Unauthorized Commands to Be Executed







Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC