This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Phpnuke First view 2003-12-31
Product Php-Nuke Last view 2011-06-20
Version 5.6 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:phpnuke:php-nuke

Activity : Overall

Related : CVE

  Date Alert Description
6.8 2011-06-20 CVE-2011-1482

Multiple cross-site request forgery (CSRF) vulnerabilities in mainfile.php in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts or (2) grant the administrative privilege to a user account, related to a Referer check that uses a substring comparison.
4.3 2011-06-20 CVE-2011-1481

Multiple cross-site scripting (XSS) vulnerabilities in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) sender_name or (2) sender_email parameter in a Feedback action to modules.php.
7.5 2011-06-20 CVE-2011-1480

SQL injection vulnerability in admin.php in the administration backend in Francisco Burzi PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the chng_uid parameter.
7.5 2009-04-20 CVE-2008-6728

SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
6.8 2007-03-20 CVE-2007-1520

The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks.
4.3 2007-03-20 CVE-2007-1519

Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-3948.
5.1 2006-10-26 CVE-2006-5525

Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and earlier allows remote attackers to conduct SQL injection attacks via (1) "/**/UNION " or (2) " UNION/**/" sequences, which are not rejected by the protection mechanism, as demonstrated by a SQL injection via the eid parameter in a search action in the Encyclopedia module in modules.php.
5 2005-05-02 CVE-2005-1028

PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct request to (1) index.php with the forum_admin parameter set, (2) the Surveys module, or (3) the Your_Account module, which reveals the path in a PHP error message.
8.8 2004-12-31 CVE-2004-1842

Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php.
6.5 2003-12-31 CVE-2003-1340

Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279.

CWE : Common Weakness Enumeration

%idName
33% (3) CWE-352 Cross-Site Request Forgery (CSRF)
33% (3) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
22% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
11% (1) CWE-200 Information Exposure

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-62 Cross Site Request Forgery (aka Session Riding)
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()

Open Source Vulnerability Database (OSVDB)

id Description
73336 PHP-Nuke mainfile.php HTTP_REFERER Check CSRF
73335 PHP-Nuke admin.php chng_uid Parameter SQL Injection
72121 PHP-Nuke Search modules.php search Field XSS
60384 PHP-Nuke Web_Links Module aid Cookie SQL Injection
60383 PHP-Nuke modules.php uid Cookie SQL Injection
52033 Sections Module for PHP-Nuke modules.php artid Parameter SQL Injection
34501 PHP-Nuke HTTP_REFERER SERVER superglobal CSRF Protection Bypass
33750 PHP-Nuke Download Module modules.php Search Operation query Parameter XSS
29981 PHP-Nuke Encyclopedia Module eid Parameter SQL Injection
15406 PHP-Nuke Your_Account Module Path Disclosure
15404 PHP-Nuke index.php forum_admin Variable Path Disclosure
15401 PHP-Nuke Surveys Module Multiple Parameter Path Disclosure
4517 PHP-Nuke admin.php URL IMG Tag CSRF

OpenVAS Exploits

id Description
2011-07-01 Name : PHP-Nuke Multiple Vulnerabilities
File : nvt/secpod_php_nuke_mult_vuln.nasl
2009-04-24 Name : PHP-Nuke Sections Module SQL Injection Vulnerability
File : nvt/secpod_php_nuke_sql_inj_vuln.nasl