CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1050
https://notcve.org/view.php?id=CVE-2005-1050
The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message. • http://digitalparadox.org/advisories/postnuke.txt http://marc.info/?l=bugtraq&m=111298226029957&w=2 http://securitytracker.com/id?1013670 https://exchange.xforce.ibmcloud.com/vulnerabilities/20020 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0615
https://notcve.org/view.php?id=CVE-2005-0615
Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNuke 0.760-RC2 allow remote attackers to execute arbitrary SQL code via the catid parameter. • http://marc.info/?l=bugtraq&m=110962819232255&w=2 http://news.postnuke.com/Article2669.html http://securitytracker.com/id?1013324 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-0617
https://notcve.org/view.php?id=CVE-2005-0617
SQL injection vulnerability in dl-search.php in PostNuke 0.750 and 0.760-RC2 allows remote attackers to execute arbitrary SQL commands via the show parameter. • http://marc.info/?l=bugtraq&m=110962710805864&w=2 http://news.postnuke.com/Article2669.html http://securitytracker.com/id?1013324 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2005-0616
https://notcve.org/view.php?id=CVE-2005-0616
Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables. • http://marc.info/?l=bugtraq&m=110962768300373&w=2 http://news.postnuke.com/Article2669.html http://securitytracker.com/id?1013324 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2004-1949
https://notcve.org/view.php?id=CVE-2004-1949
SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via (1) the sif parameter to index.php in the Comments module or (2) timezoneoffset parameter to changeinfo.php in the Your_Account module. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020154.html http://marc.info/?l=bugtraq&m=108256503718978&w=2 http://news.postnuke.com/Article2580.html http://secunia.com/advisories/11386 http://securitytracker.com/id?1009801 http://www.osvdb.org/5368 http://www.osvdb.org/5369 http://www.securityfocus.com/bid/10146 https://exchange.xforce.ibmcloud.com/vulnerabilities/15869 https://exchange.xforce.ibmcloud.com/vulnerabilities/15875 •