Futurenuke
Products
2- 2 CVEs
- 2 CVEs
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-1680 | 0.03 | — | 0.04 | Apr 4, 2008 | PHP-Nuke Platinum 7.6.b.5 allows remote attackers to obtain configuration information via a direct request to maintenance/index.php, which reveals settings such as magic_quotes_gpc. | ||
| CVE-2008-1539 | 0.03 | — | 0.00 | Mar 28, 2008 | SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module. | ||
| CVE-2007-5676 | 0.03 | — | 0.03 | Oct 24, 2007 | PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary PHP code via a URL in the nuke_bb_root_path parameter. | ||
| CVE-2006-0829 | 0.00 | — | 0.01 | Feb 21, 2006 | Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remote attackers to inject arbitrary web script or HTML via the referer (HTTP_REFERER), which is not sanitized when the log file is viewed by the administrator using "Click Log". |
- CVE-2008-1680Apr 4, 2008risk 0.03cvss —epss 0.04
PHP-Nuke Platinum 7.6.b.5 allows remote attackers to obtain configuration information via a direct request to maintenance/index.php, which reveals settings such as magic_quotes_gpc.
- CVE-2008-1539Mar 28, 2008risk 0.03cvss —epss 0.00
SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module.
- CVE-2007-5676Oct 24, 2007risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary PHP code via a URL in the nuke_bb_root_path parameter.
- CVE-2006-0829Feb 21, 2006risk 0.00cvss —epss 0.01
Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remote attackers to inject arbitrary web script or HTML via the referer (HTTP_REFERER), which is not sanitized when the log file is viewed by the administrator using "Click Log".