CVSS: 5.0EPSS: 4%CPEs: 2EXPL: 1CVE-2003-1545 – PHP-Nuke 6.5 Addon - 'Viewpage.php' File Disclosure
https://notcve.org/view.php?id=CVE-2003-1545
Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote attackers to read arbitrary files via a full pathname in the file parameter. NOTE: This was originally reported as an issue in PHP-Nuke 6.5, but this is an independent addon. • https://www.exploit-db.com/exploits/22422 http://www.securityfocus.com/archive/1/316179/30/25340/threaded http://www.securityfocus.com/archive/1/316198/30/25340/threaded http://www.securityfocus.com/archive/1/316209/30/25340/threaded http://www.securityfocus.com/archive/1/316233/30/25340/threaded http://www.securityfocus.com/archive/1/316327/30/25340/threaded http://www.securityfocus.com/archive/1/316341/30/25310/threaded http://www.securityfocus.com/archive/1/316585/30/25 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 1CVE-2001-0899 – PHP-Nuke Network Tool 0.2 Addon - MetaCharacter Filtering Command Execution
https://notcve.org/view.php?id=CVE-2001-0899
Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable. • https://www.exploit-db.com/exploits/21155 http://marc.info/?l=bugtraq&m=100593523104176&w=2 http://phpnukerz.org/modules.php?name=Downloads&d_op=viewsdownload&sid=32 https://exchange.xforce.ibmcloud.com/vulnerabilities/7578 •