Searching modulesphp software vulnerabilities

Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) screen parameter to modules.php, (2) module_name parameter to title.php, (3) sortby parameter to modules.php, or (4) overview parameter to modules.php.


Cross-site scripting (XSS) vulnerability in the

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to inject arbitrary HTML and web script via the (1) ttitle or (2) sid parameters to modules.php.


SQL injection vulnerability in the Downloads mo

vulnerability | Downloads | attackers | arbitrary | injection | Php-Nuke | execute | through | module | allows | remote | via | SQL |

SQL injection vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the (1) orderby or (2) sid parameters to modules.php.


Multiple SQL injection vulnerabilities in Sergi

vulnerabilities | attackers | injection | arbitrary | PHP-Nuke | commands | Multiple | earlier | execute | SergiDs | remote | module | Music | allow | via | SQL | Top | PR3 |

Multiple SQL injection vulnerabilities in SergiDs Top Music module 3.0 PR3 and earlier for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the (1) idartist, (2) idsong, and (3) idalbum parameters to modules.php.


Cross-site scripting (XSS) vulnerability in the

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3.2 module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the myh_op parameter to modules.php.


Incomplete blacklist vulnerability in mainfile.

vulnerability | mainfilephp | Incomplete | injection | attackers | blacklist | PHP-Nuke | conduct | attacks | earlier | allows | remote | via | SQL |

Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and earlier allows remote attackers to conduct SQL injection attacks via (1) "/**/UNION " or (2) " UNION/**/" sequences, which are not rejected by the protection mechanism, as demonstrated by a SQL injection via the eid parameter in a search action in the Encyclopedia module in modules.php.


CRLF injection vulnerability in MAXdev MD-Pro 1

vulnerability | injection | MAXdev | MD-Pro | CRLF |

CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequence in the (1) name, (2) file, (3) module, and (4) func parameters in (a) index.php; and the (5) file parameter in (b) modules.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | inclusion | Multiple | Antonio | Slider | remote | Islas | Marco | Cruz | file | PHP | Web |

Multiple PHP remote file inclusion vulnerabilities in Marco Antonio Islas Cruz Web Slider (WebSlider) 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) index.php, (2) modules/pdf.php, (3) plugins/highlight.php, or (4) include/modules.php.


Exponent CMS 0.96.6 Alpha and earlier allows re

Exponent | CMS |

Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain path information via a direct request for (1) sdk/blanks/formcontrol.php and (2) sdk/blanks/file_modules.php.


Directory traversal vulnerability in index.php

register_globals | vulnerability | arbitrary | attackers | traversal | Directory | indexphp | execute | include | enabled | phpNuke | module | allows | remote | local | files | Music | Dance | via |

Directory traversal vulnerability in index.php in the Dance Music module for phpNuke, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in an ACCEPT_FILE array parameter to modules.php.


Software vulnerabilities results 1 to 11 of 11     
Page: 1