Page 10 of 99 results (0.007 seconds)

CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 3

The preview_review function in the Reviews module in PHP-Nuke 6.0 to 7.3, when running on Windows systems, allows remote attackers to obtain sensitive information via an invalid date parameter, which generates an error message. • http://secunia.com/advisories/11852 http://www.osvdb.org/7001 http://www.securityfocus.com/archive/1/365865 http://www.securityfocus.com/bid/10524 https://exchange.xforce.ibmcloud.com/vulnerabilities/16408 •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 4

SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to execute arbitrary SQL commands via the order parameter. • https://www.exploit-db.com/exploits/24192 http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0310.html http://secunia.com/advisories/11852 http://www.osvdb.org/7000 http://www.securityfocus.com/archive/1/365865 http://www.securityfocus.com/bid/10524 https://exchange.xforce.ibmcloud.com/vulnerabilities/16407 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message. El módulo de búsqueda en Php-Nuke permite a atacantes remotos obtener información sensible mediante patrones de búsqueda (1) "**" o "+", que revelan la ruta en el mensaje de error. • http://marc.info/?l=bugtraq&m=109026609504767&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/16736 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) sid, (2) max, (3) sel1, (4) sel2, (5) sel3, (6) sel4, (7) sel5, (8) match, (9) mod1, (10) mod2, or (11) mod3 parameters. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en index.php del módulo Busqueda de Php-Nuke permite a atacantes remotos inyectar script web o HTML de su elección mdiante los parámetros (1) sid, (2) max, (3) sel1, (4) sel2, (5)sel3, (6) sel4, (7) sel5, (8) match, (9) mod1, (10) mod2, o (11) mod3 . • http://marc.info/?l=bugtraq&m=109026609504767&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/16721 •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en index.php del módulo de búsqueda de Php-Nuke permite a atacantes remotos inyectar script de su elección como otros usuarios mediante el campo entrada. • http://marc.info/?l=bugtraq&m=109002107329823&w=2 http://www.waraxe.us/index.php?modname=sa&id=35 https://exchange.xforce.ibmcloud.com/vulnerabilities/16721 •