VYPR

PHP-Nuke Platinum

by PHP-Nuke

CVEs (3)

  • CVE-2008-1680Apr 4, 2008
    risk 0.03cvss epss 0.02

    PHP-Nuke Platinum 7.6.b.5 allows remote attackers to obtain configuration information via a direct request to maintenance/index.php, which reveals settings such as magic_quotes_gpc.

  • CVE-2008-1539Mar 28, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module.

  • CVE-2007-5676Oct 24, 2007
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary PHP code via a URL in the nuke_bb_root_path parameter.