CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2008-1591 – PostNuke 0.764 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2008-1591
The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quotes_runtime is enabled, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables, as demonstrated by the CLIENT_IP HTTP header (HTTP_CLIENT_IP variable). La función pnVarPrepForStore en PostNuke 0.764 y anteriores se salta las entradas de limpieza cuando está habilitado magic_quotes_runtime, lo que permite a atacantes remotos llevar a cabo ataques de inyección SQL y ejecutar comandos SQL de su elección a través de entradas asociadas con variables de servidor, como se demostró por la cabecera CLIENT_IP HTTP (variable HTTP_CLIENT_IP). • https://www.exploit-db.com/exploits/5292 http://www.securityfocus.com/bid/28407 https://exchange.xforce.ibmcloud.com/vulnerabilities/41375 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2006-6233
https://notcve.org/view.php?id=CVE-2006-6233
SQL injection vulnerability in the Downloads module for unknown versions of PostNuke allows remote attackers to execute arbitrary SQL commands via the lid parameter in a viewdownloaddetails operation. NOTE: this issue might have been in the viewdownloaddetails function in dl-downloaddetails.php, but PostNuke 0.764 does not appear to have this issue. Vulnerabilidad de inyección SQL en el módulo Downloads para versiones desconocidas de PostNuke permite a un atacante remoto ejecutar comandos SQL de su elección a través del parámetro lid en una operación viewdownloaddetails. NOTA: este asunto pudo haber estado en la función viewdownloaddetails en dl-downloaddetails.php, pero PostNuke 0.764 no parece tener este asunto. • http://securityreason.com/securityalert/1952 http://www.securityfocus.com/archive/1/437832/100/200/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/27501 •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 2CVE-2006-5733 – PostNuke 0.763 - 'PNSV lang' Remote Code Execution
https://notcve.org/view.php?id=CVE-2006-5733
Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php. Vulnerabilidad de escalado de directorio en error.php en PostNuke 0.7.63 y anteriores permite a atacantes remotos incluir y ejecutar archivos locales de su elección mediante un .. (punto punto) en la cookie PNSVlang (PNSV lang), como ha sido demostrado inyectando secuencias PHP en el archivo de registro del Servidor HTTP Apache, que luego es incluido por error.php. • https://www.exploit-db.com/exploits/2707 http://community.postnuke.com/Article2787.htm http://secunia.com/advisories/22983 http://www.securityfocus.com/bid/20897 http://www.securityfocus.com/bid/21218 https://exchange.xforce.ibmcloud.com/vulnerabilities/29992 •
CVSS: 2.6EPSS: 0%CPEs: 19EXPL: 2CVE-2006-0800 – PostNuke 0.6x/0.7x NS-Languages Module - 'language' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-0800
Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML tags with a trailing "<" character, which is interpreted as a ">" character by some web browsers but bypasses the blacklist protection in (1) the pnVarCleanFromInput function in pnAPI.php, (2) the pnSecureInput function in pnAntiCracker.php, and (3) the htmltext parameter in an edituser operation to user.php. • https://www.exploit-db.com/exploits/27254 http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0469.html http://news.postnuke.com/index.php?name=News&file=article&sid=2754 http://secunia.com/advisories/18937 http://securityreason.com/securityalert/454 http://www.securityfocus.com/bid/16752 http://www.vupen.com/english/advisories/2006/0673 https://exchange.xforce.ibmcloud.com/vulnerabilities/24823 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.1EPSS: 2%CPEs: 1EXPL: 1CVE-2006-0801 – PostNuke 0.6x/0.7x NS-Languages Module - 'language' SQL Injection
https://notcve.org/view.php?id=CVE-2006-0801
SQL injection vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, when magic_quotes_gpc is off, allows remote attackers to execute arbitrary SQL commands via the language parameter to admin.php. • https://www.exploit-db.com/exploits/27255 http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0469.html http://news.postnuke.com/index.php?name=News&file=article&sid=2754 http://secunia.com/advisories/18937 http://securityreason.com/securityalert/454 http://www.securityfocus.com/bid/16752 http://www.vupen.com/english/advisories/2006/0673 https://exchange.xforce.ibmcloud.com/vulnerabilities/24827 •