Php-nuke : Security Vulnerabilities, CVEs, (Sql injection) CVSS score >= 1

CVE-2009-0302

SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
Max CVSS
4.6
EPSS Score
0.47%
Published
2009-01-27
Updated
2018-10-11

CVE-2008-7226

SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-09-14
Updated
2019-07-01

CVE-2008-6866

SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-07-14
Updated
2018-10-11

CVE-2008-6865

SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-07-14
Updated
2019-07-01

CVE-2008-1315

SQL injection vulnerability in the ZClassifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter to modules.php.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-03-13
Updated
2018-10-11

CVE-2008-1298

SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php.
Max CVSS
7.5
EPSS Score
0.23%
Published
2008-03-12
Updated
2018-10-11

CVE-2008-0934

SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action.
Max CVSS
7.5
EPSS Score
0.07%
Published
2008-02-25
Updated
2017-09-29

CVE-2008-0922

SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-02-22
Updated
2017-09-29

CVE-2008-0907

SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Max CVSS
7.5
EPSS Score
0.07%
Published
2008-02-22
Updated
2017-09-29

CVE-2008-0906

SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-22
Updated
2017-09-29

CVE-2007-1034

SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
Max CVSS
7.5
EPSS Score
0.25%
Published
2007-02-21
Updated
2018-10-19

CVE-2006-3599

SQL injection vulnerability in the Nuke Advanced Classifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_ads parameter in an EditAds op.
Max CVSS
7.5
EPSS Score
0.18%
Published
2006-07-18
Updated
2018-10-18

CVE-2006-3598

SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op.
Max CVSS
7.5
EPSS Score
0.31%
Published
2006-07-18
Updated
2018-10-18
13 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close