CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0318
https://notcve.org/view.php?id=CVE-2003-0318
Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados en el módulo de estadísticas de PHP-Nuke 6.0 y anteriores permite que atacantes remotos inserten script web arbitrario mediante el parámetro year. • http://marc.info/?l=bugtraq&m=105319538308834&w=2 •
CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0279
https://notcve.org/view.php?id=CVE-2003-0279
Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php. Múltiples vulnerabilidades de inyección SQL en el módulo Web_Links para PHP-Nuke 5.x hasta 6.5 permite que atacantes remotos roben información mediante campos numéricos, como se ha demostrado usando (1) la función viewlink y el parámetro cid, o (2) index.php. • http://archives.neohapsis.com/archives/bugtraq/2003-05/0147.html http://marc.info/?l=bugtraq&m=105276019312980&w=2 http://www.securityfocus.com/bid/7558 http://www.securityfocus.com/bid/7588 https://exchange.xforce.ibmcloud.com/vulnerabilities/11984 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3CVE-2002-1803 – PHP-Nuke 6.0 - News Message HTML Injection
https://notcve.org/view.php?id=CVE-2002-1803
Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. • https://www.exploit-db.com/exploits/21859 http://archives.neohapsis.com/archives/bugtraq/2002-09/0307.html http://www.iss.net/security_center/static/10173.php http://www.securityfocus.com/bid/5796 •