VYPR

PHP Nuke

by Warpspeed

CVEs (22)

  • CVE-2005-1028May 2, 2005
    risk 0.00cvss epss 0.01

    PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct request to (1) index.php with the forum_admin parameter set, (2) the Surveys module, or (3) the Your_Account module, which reveals the path in a PHP error message.

  • CVE-2003-1340Dec 31, 2003
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to…

Page 2 of 2