RSS   Vulnerabilities for 'Php-nuke ev'   RSS

2006-02-16
 
CVE-2006-0679

CWE-Other
 

 
SQL injection vulnerability in index.php in the Your_Account module in PHP-Nuke 7.8 and earlier allows remote attackers to execute arbitrary SQL commands via the username variable (Nickname field).

 
2006-01-11
 
CVE-2006-0163

 

 
SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792.

 

 >>> Vendor: Francisco burzi 3 Products
Php-nuke
Gallery
Php-nuke ev


Copyright 2024, cxsecurity.com

 

Back to Top