VYPR
Vendor

Warpspeed

Products
23
CVEs
87
Across products
89
Status
Private

Products

23

Recent CVEs

87
View all 87 CVEs →
  • CVE-2004-1842HigDec 31, 2004
    risk 0.60cvss 8.8epss 0.02

    Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php.

  • CVE-2008-2020HigApr 30, 2008
    risk 0.49cvss 7.5epss 0.02

    The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Database (aka OpenDb) 1.5.0b4, and…

  • CVE-2006-4968Sep 25, 2006
    risk 0.04cvss epss 0.09

    PHP remote file inclusion vulnerability in includes/functions_admin.php in PNphpBB 1.2g allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

  • CVE-2006-0147Jan 9, 2006
    risk 0.04cvss epss 0.13

    Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote…

  • CVE-2006-0146Jan 9, 2006
    risk 0.04cvss epss 0.13

    The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to…

  • CVE-2002-2015Dec 31, 2002
    risk 0.04cvss epss 0.09

    PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter.

  • CVE-2002-0535Jul 3, 2002
    risk 0.04cvss epss 0.07

    Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.

  • CVE-2002-0206May 16, 2002
    risk 0.04cvss epss 0.07

    index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.

  • CVE-2001-0899Nov 16, 2001
    risk 0.04cvss epss 0.09

    Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable.

  • CVE-2014-3934Jun 2, 2014
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics[] parameter to modules.php.

  • CVE-2010-5083Feb 14, 2012
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.

  • CVE-2009-1842Jun 1, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header.

  • CVE-2008-6779May 1, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.

  • CVE-2008-3151Jul 11, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_dvd action.

  • CVE-2008-2191May 14, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the pnEncyclopedia module 0.2.0 and earlier for PostNuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a display_term action to index.php.

  • CVE-2008-2012Apr 30, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action.

  • CVE-2008-1219Mar 10, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Kutub-i Sitte (KutubiSitte) 1.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the kid parameter in a hadisgoster action to modules.php.

  • CVE-2008-1220Mar 10, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the 4nChat 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the roomid parameter in an index action to modules.php. NOTE: the provenance of this information is unknown; the details are obtained solely from…

  • CVE-2008-1053Feb 27, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in the Kose_Yazilari module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the artid parameter in a (1) viewarticle or (2) printpage action to modules.php.

  • CVE-2008-0880Feb 21, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter.