CVE-2005-4260 – PHP-Nuke 7.x - Content Filtering Bypass
https://notcve.org/view.php?id=CVE-2005-4260
Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and later allows remote attackers to perform cross-site scripting (XSS) attacks by replacing the ">" in the tag with a "<", which bypasses the regular expressions that sanitize the data, but is automatically corrected by many web browsers. NOTE: it could be argued that this vulnerability is due to a design limitation of many web browsers; if so, then this should not be treated as a vulnerability in PHP-Nuke. Conflicto de interpretación en includes/mainfile.php en PHP-Nuke 7.9 y anteriores permite a atacantes remotos realizar ataques de secuencias de comandos en sitios cruzados (XSS) reemplazando el ">" en una etiqueta con un "<" lo que evita las expresiones regulares que sanean los datos, pero es automáticamente corregido por muchos navegadores web. NOTA: podría ser argumentado que esto es debido a una limitación de diseño de muchos navegadores web; si es así, esto no debería ser tratado como una vulnerabilidad de PHP-Nuke. • https://www.exploit-db.com/exploits/26817 http://www.securityfocus.com/archive/1/419496/100/0/threaded http://www.securityfocus.com/archive/1/419991/100/0/threaded http://www.securityfocus.com/bid/15855 •
CVE-2005-3792 – PHP-Nuke 7.8 Search Module - SQL Injection
https://notcve.org/view.php?id=CVE-2005-3792
Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type. Múltiples vulnerabilidades de inyección de SQL en el módulo de Busqueda de PHP-Nuke 7.8, y posiblemente otras versiones anteriores a 7.9 con el parche 3.1, permite a atacantes remotos ejecutar comandos SQL arbitrarios, como se ha demostrado mediante el parámetro "query" en un tipo 'stories'. • https://www.exploit-db.com/exploits/1326 http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0454.html http://marc.info/?l=bugtraq&m=113210758511323&w=2 http://secunia.com/advisories/17543 http://securityreason.com/achievement_exploitalert/5 http://securitytracker.com/id?1015215 http://securitytracker.com/id?1015651 http://www.osvdb.org/20866 http://www.securityfocus.com/archive/1/425508/100/0/threaded http://www.securityfocus.com/archive/1/425627/100/0/threaded http& •
CVE-2005-3016
https://notcve.org/view.php?id=CVE-2005-3016
Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors. • http://secunia.com/advisories/16843 http://www.phpnuke.org/modules.php?name=News&file=article&sid=7435 •
CVE-2005-1386
https://notcve.org/view.php?id=CVE-2005-1386
PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) ipban.php, (2) db.php, (3) lang-norwegian.php, (4) lang-indonesian.php, (5) lang-greek.php, (6) a request to Web_Links with the portuguese language (lang-portuguese.php), (7) a request to Web_Links with the indonesian language (lang-indonesian.php), (8) a request to the survey module with the indonesian language (lang-indonesian.php), (9) a request to the Reviews module with the portuguese language, or (10) a request to the Journal module with the portuguese language, which reveal the path in an error message. • http://marc.info/?l=bugtraq&m=111478982629035&w=2 •
CVE-2005-1180
https://notcve.org/view.php?id=CVE-2005-1180
HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the forwarder parameter. • http://marc.info/?l=bugtraq&m=111359804013536&w=2 http://secunia.com/advisories/14965 http://www.digitalparadox.org/advisories/pnuke.txt http://www.osvdb.org/15647 https://exchange.xforce.ibmcloud.com/vulnerabilities/20116 •