Multiple cross-site request forgery (CSRF) vulnerabilities in mainfile.php in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts or (2) grant the administrative privilege to a user account, related to a Referer check that uses a substring comparison.
Max CVSS
6.8
EPSS Score
0.21%
Published
2011-06-21
Updated
2018-08-13
Multiple cross-site scripting (XSS) vulnerabilities in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) sender_name or (2) sender_email parameter in a Feedback action to modules.php.
Max CVSS
4.3
EPSS Score
0.50%
Published
2011-06-21
Updated
2018-08-13
SQL injection vulnerability in admin.php in the administration backend in Francisco Burzi PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the chng_uid parameter.
Max CVSS
7.5
EPSS Score
0.14%
Published
2011-06-21
Updated
2018-08-13
SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-04-20
Updated
2018-10-11
The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks.
Max CVSS
6.8
EPSS Score
2.63%
Published
2007-03-20
Updated
2018-10-16
Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-3948.
Max CVSS
4.3
EPSS Score
0.97%
Published
2007-03-20
Updated
2018-10-16
Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and earlier allows remote attackers to conduct SQL injection attacks via (1) "/**/UNION " or (2) " UNION/**/" sequences, which are not rejected by the protection mechanism, as demonstrated by a SQL injection via the eid parameter in a search action in the Encyclopedia module in modules.php.
Max CVSS
5.1
EPSS Score
4.47%
Published
2006-10-26
Updated
2017-10-19
7 vulnerabilities found