CVE-2006-5720 – PHP-Nuke 7.x Journal Module - 'search.php' SQL Injection
https://notcve.org/view.php?id=CVE-2006-5720
SQL injection vulnerability in modules/journal/search.php in the Journal module in Francisco Burzi PHP-Nuke 7.9 and earlier allows remote attackers to execute arbitrary SQL commands via the forwhat parameter. Vulnerabilidad de inyección SQL en modules/journal/search.php en el módulo Journal en Francisco Burzi PHP-Nuke 7.9 y anteriores, permite a un atacante remoto ejecutar comandos SQL de su elección a través de un parámetro forwhat. • https://www.exploit-db.com/exploits/28885 http://secunia.com/advisories/22617 http://securityreason.com/securityalert/1812 http://www.neosecurityteam.net/index.php?action=advisories&id=29 http://www.securityfocus.com/archive/1/450183/100/0/threaded http://www.securityfocus.com/bid/20829 http://www.vupen.com/english/advisories/2006/4295 https://exchange.xforce.ibmcloud.com/vulnerabilities/29940 •
CVE-2006-5525 – PHP-Nuke 7.9 - 'Encyclopedia' SQL Injection
https://notcve.org/view.php?id=CVE-2006-5525
Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and earlier allows remote attackers to conduct SQL injection attacks via (1) "/**/UNION " or (2) " UNION/**/" sequences, which are not rejected by the protection mechanism, as demonstrated by a SQL injection via the eid parameter in a search action in the Encyclopedia module in modules.php. Vulnerabilidad de lista negra incompleta en mainfile.php en PHP-Nuke 7.9 y anteriores permite a un atacante remoto llevar a cabo un ataque de inyección SQL a través de las secuencias (1) "/**/UNION " o (2) " UNION/**/", lo cual no es aceptado por los mecanismos de protección, como se demostró por la inyección SQL a través del parámetro eid en una acción de búsqueda en el módulo Encyclopedia en modules.php. • https://www.exploit-db.com/exploits/2617 http://secunia.com/advisories/22511 http://www.neosecurityteam.net/index.php?action=advisories&id=27 http://www.securityfocus.com/bid/20674 http://www.vupen.com/english/advisories/2006/4149 https://exchange.xforce.ibmcloud.com/vulnerabilities/29705 •
CVE-2006-0805 – PHP-Nuke 7.x - CAPTCHA Bypass
https://notcve.org/view.php?id=CVE-2006-0805
The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote attackers to bypass CAPTCHA controls by fixing the User Agent, performing a valid challenge/response, then replaying that pair in the random_num and gfx_check parameters. • https://www.exploit-db.com/exploits/27249 http://secunia.com/advisories/18936 http://securityreason.com/securityalert/455 http://www.securityfocus.com/archive/1/425394/100/0/threaded http://www.securityfocus.com/bid/16722 http://www.waraxe.us/advisory-45.html •
CVE-2006-0676 – PHP-Nuke 6.x/7.x - 'header.php?Pagetitle' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-0676
Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 to 7.8 allows remote attackers to inject arbitrary web script or HTML via the pagetitle parameter. • https://www.exploit-db.com/exploits/27208 http://secunia.com/advisories/18820 http://securityreason.com/securityalert/425 http://www.securityfocus.com/archive/1/424956/100/0/threaded http://www.securityfocus.com/bid/16608 http://www.vupen.com/english/advisories/2006/0542 http://www.waraxe.us/advisory-44.html https://exchange.xforce.ibmcloud.com/vulnerabilities/24650 •
CVE-2005-4260 – PHP-Nuke 7.x - Content Filtering Bypass
https://notcve.org/view.php?id=CVE-2005-4260
Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and later allows remote attackers to perform cross-site scripting (XSS) attacks by replacing the ">" in the tag with a "<", which bypasses the regular expressions that sanitize the data, but is automatically corrected by many web browsers. NOTE: it could be argued that this vulnerability is due to a design limitation of many web browsers; if so, then this should not be treated as a vulnerability in PHP-Nuke. Conflicto de interpretación en includes/mainfile.php en PHP-Nuke 7.9 y anteriores permite a atacantes remotos realizar ataques de secuencias de comandos en sitios cruzados (XSS) reemplazando el ">" en una etiqueta con un "<" lo que evita las expresiones regulares que sanean los datos, pero es automáticamente corregido por muchos navegadores web. NOTA: podría ser argumentado que esto es debido a una limitación de diseño de muchos navegadores web; si es así, esto no debería ser tratado como una vulnerabilidad de PHP-Nuke. • https://www.exploit-db.com/exploits/26817 http://www.securityfocus.com/archive/1/419496/100/0/threaded http://www.securityfocus.com/archive/1/419991/100/0/threaded http://www.securityfocus.com/bid/15855 •