Php-nuke : Security Vulnerabilities, CVEs, (Sql injection) CVSS score >= 3
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
Max CVSS
4.6
EPSS Score
0.47%
Published
2009-01-27
Updated
2018-10-11
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-09-14
Updated
2019-07-01
SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-07-14
Updated
2018-10-11
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-07-14
Updated
2019-07-01
SQL injection vulnerability in the ZClassifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter to modules.php.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-03-13
Updated
2018-10-11
SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php.
Max CVSS
7.5
EPSS Score
0.23%
Published
2008-03-12
Updated
2018-10-11
SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action.
Max CVSS
7.5
EPSS Score
0.07%
Published
2008-02-25
Updated
2017-09-29
SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-02-22
Updated
2017-09-29
SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Max CVSS
7.5
EPSS Score
0.07%
Published
2008-02-22
Updated
2017-09-29
SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-22
Updated
2017-09-29
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
Max CVSS
7.5
EPSS Score
0.25%
Published
2007-02-21
Updated
2018-10-19
SQL injection vulnerability in the Nuke Advanced Classifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_ads parameter in an EditAds op.
Max CVSS
7.5
EPSS Score
0.18%
Published
2006-07-18
Updated
2018-10-18
SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op.
Max CVSS
7.5
EPSS Score
0.31%
Published
2006-07-18
Updated
2018-10-18
13 vulnerabilities found