CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0996
https://notcve.org/view.php?id=CVE-2005-0996
Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min parameter in the search function. • http://marc.info/?l=bugtraq&m=111289685724764&w=2 •
CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 2CVE-2005-0434
https://notcve.org/view.php?id=CVE-2005-0434
Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via (1) the newdownloadshowdays parameter in a NewDownloads operation or (2) the newlinkshowdays parameter in a NewLinks operation. • http://www.securityfocus.com/bid/12561 http://www.waraxe.us/advisory-40.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19346 •
CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 1CVE-2005-0433
https://notcve.org/view.php?id=CVE-2005-0433
Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3) Downloads/index.php, or (4) Web_Links/index.php, which lists the path in a PHP error message. • http://www.securityfocus.com/bid/12561 http://www.waraxe.us/advisory-40.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19344 •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 4CVE-2004-2295 – PHP-Nuke 6.x/7.x Reviews Module - 'order' SQL Injection
https://notcve.org/view.php?id=CVE-2004-2295
SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to execute arbitrary SQL commands via the order parameter. • https://www.exploit-db.com/exploits/24192 http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0310.html http://secunia.com/advisories/11852 http://www.osvdb.org/7000 http://www.securityfocus.com/archive/1/365865 http://www.securityfocus.com/bid/10524 https://exchange.xforce.ibmcloud.com/vulnerabilities/16407 •
CVSS: 5.0EPSS: 17%CPEs: 15EXPL: 4CVE-2004-2297 – PHP-Nuke 6.x/7.x - Multiple Input Validation Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-2297
The Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large, out-of-range score parameter. • https://www.exploit-db.com/exploits/24193 http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0310.html http://secunia.com/advisories/11852 http://www.osvdb.org/7002 http://www.osvdb.org/7003 http://www.securityfocus.com/archive/1/365865 http://www.securityfocus.com/bid/10524 https://exchange.xforce.ibmcloud.com/vulnerabilities/16409 •