SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   


View Topics  >  Vendor  >  postnuke.com

Jul 1 2005   (PostNuke Issues Advisory) XML-RPC for PHP Lets Remote Users Execute Arbitrary PHP Code
May 27 2005   PostNuke Input Validation Error in 'readpmsg.php' Permits SQL Injection and Cross-Site Scripting Attacks
Apr 9 2005   PostNuke Input Validation Holes in News Module Permits SQL Injection and in 'admin.php' and 'user.php' Permit Cross-Site Scripting Attacks
Feb 28 2005   PostNuke Input Validation Holes in 'pnadmin', 'dl-util', 'dl-search' and Other Scripts Let Remote Users Inject SQL Commands
Oct 26 2004   PostNuke Downloads Site May Have Been Compromised
Sep 21 2004   PostNuke 'admin.php' and Other Files Disclose Installation Path to Remote Users
Jul 22 2004   PostNuke 'install.php' Discloses Administrator Password to Remote Users
Jul 18 2004   PostNuke Input Validation Hole in Reviews Module 'title' Field Permits Cross-Site Scripting Attacks
Apr 21 2004   PostNuke Downloads, Web_Links, 'openwindow.php' Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks
Apr 19 2004   PostNuke NS-Polls Input Validation Hole in 'pn_uid' Permits SQL Injection
Apr 15 2004   PostNuke Input Validation Flaw in 'NS-Your_Account' Module Lets Remote Users Inject SQL Commands
Jan 7 2004   PostNuke Input Validation Flaw in 'sortby' Variable in 'members_list' Module Permits SQL Injection
Aug 8 2003   PostNuke 'ttitle' Variable in 'Web_Links' Modules Permits Remote Cross-Site Scripting Attacks
May 26 2003   PostNuke Input Validation Flaws in Glossary May Allow SQL Injection
Mar 10 2003   PostNuke Input Validation Bugs in Members_List and in the 'theme' Variable Let Remote Users Inject SQL Commands and Execute Scripts on the System
Nov 18 2002   (Vendor Issues Fix) Re: PostNuke Input Filtering Error in 'modules.php' Facilitates Remote Cross-Site Scripting Attacks
Nov 8 2002   PostNuke Input Filtering Error in 'modules.php' Facilitates Remote Cross-Site Scripting Attacks
Jan 7 2002   PostNuke Downloads Module 'ttitle' Parameter Allows Cross-Site Scripting Attacks







Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC