PHP-Nuke versions 7.9 and below suffer from a SQL injection vulnerability.
52bb7838d5fc015299a8ede3ec088eed8005e72df86a4ade620af7ba20d893b1[N]eo [S]ecurity [T]eam [NST] - Advisory 30 - 2006-11-24: PHP-Nuke versions 7.9 and below suffer from a SQL injection vulnerability in the sid variable of the news module.
e3809d07b16c1577f5be9e7bbf56fef5eb6f12fe8a4ea2c7ae14ba04527e3b90The Journal module in PHP-Nuke 7.9 and prior suffers from SQL injection in search.php. POC exploit included that grabs the password hash of the first admin.
40ad3ad70a9f57b3cc49988097b061fa80de6c8711bc229ffddc02499ec38ffb[N]eo [S]ecurity [T]eam [NST] - Advisory 28 - 2006-10-25: PHP-Nuke 7.9 and prior Search module "author" SQL Injection vulnerability.
257e6728bdd3845e4cd214b25c644fc4e45e2d08c387fb6f72f930709e50d1ba[N]eo [S]ecurity [T]eam [NST] - Advisory 27 - 2006-10-22: PHP Nuke versions 7.9 and prior SQL injection advisory and POC exploit.
a631273d526ba8d6c2ae44d86a8c12f330573ca9b1138f7cb7d8703b4a0c47a2[N]eo [S]ecurity [T]eam [NST] - Advisory #26 - 09/10/06: PHP open_basedir with symlink() function Race Condition PoC exploit
3d6c97cd14685b745e27d10b816d854d072ba35a54e70ed6389a075424b9ec70PHP Live! versions 3.1 and below suffer from a remote file inclusion vulnerability.
0732b452553cd8bc6ccb911f21c7170c0a9e296112f489ff2cb9bac72d6a5ab6Graffiti Forums version 1.0 suffers from SQL injection vulnerabilities.
56d2c26a4ca1a61cb85a700408c765487020b686942975869595f1d622bce15bPBL Guestbook versions 1.32 and below suffer from cross site scripting and SQL injection vulnerabilities.
2e9d3de56f178204c6a9560fe34e9b79011e61e8164840fb764c3e9a279cb5c2PhotoBlogger versions 3.0 and below suffer from cross site scripting and SQL injection vulnerabilities.
449c56de560d9b374c3a92df9c3cdb251ac391d51f429449f2f2cbaf9334ecc7Pixel Post versions 1.4.3 and 1.5 beta1 have been found susceptible to SQL injection and cross site scripting attacks.
380878565a9c6bdabddd71ab710ce332a7eb9c1947b4866d464de3d52a1c8c38Invision Power Board 2.1.4 Multiple Full Path Disclosure Vulnerabilities.
afc8b5d91c94d44473b65e19fa3da4a01a1ee7b049738c05208ffbd89108b14dPunBB 1.2.10 database flooding Denial of Service exploit.
5210d0ac87a7a438eeab25fb386320adbf49039923ad536d5524db34c2a4e8faphpBB 2.0.13 fails to properly sanitize some variables in the usercp_register.php script.
0752a9f2af60d8528ee32be5f69a3cf658ac23e6660bd352fd557917bff6672fphpBB 2.0.x session handling administrator authentication bypass exploit.
f1ad3ef52f9c74f3f9a07f0558a9e6d8986121cc79114d6a2edb82215cddba31
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed