Known Vulnerabilities for products from Francisco Burzi
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Francisco Burzi".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2008-0461 | SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and earlier, when magic_quotes_gpc is dis... | 6.8 - MEDIUM | 2008-01-25 | 2017-09-29 |
| CVE-2007-6376 | Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to include and exec... | 7.5 - HIGH | 2007-12-15 | 2008-11-15 |
| CVE-2007-5032 | Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add admin... | 5.1 - MEDIUM | 2007-09-21 | 2018-10-15 |
| CVE-2007-1061 | SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is... | 6.8 - MEDIUM | 2007-02-22 | 2018-10-16 |
| CVE-2007-0372 | Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL comman... | 7.5 - HIGH | 2007-01-19 | 2018-10-16 |
| CVE-2007-0309 | SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and earlier, when register_globa... | 7.5 - HIGH | 2007-01-18 | 2018-10-16 |
| CVE-2006-6234 | Multiple SQL injection vulnerabilities in the Content module in PHP-Nuke 6.0, and possibly other versions, allow remote attac... | 7.5 - HIGH | 2006-12-02 | 2018-10-17 |
| CVE-2006-6200 | Multiple SQL injection vulnerabilities in the (1) rate_article and (2) rate_complete functions in modules/News/index.php in t... | 7.5 - HIGH | 2006-12-01 | 2018-10-17 |
| CVE-2006-5720 | SQL injection vulnerability in modules/journal/search.php in the Journal module in Francisco Burzi PHP-Nuke 7.9 and earlier a... | 7.5 - HIGH | 2006-11-04 | 2018-10-17 |
| CVE-2006-1847 | SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote attackers to execute arbitrary SQL... | 7.5 - HIGH | 2006-04-19 | 2017-07-20 |
| CVE-2006-1846 | Cross-site scripting (XSS) vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote attackers to inject a... | 4.3 - MEDIUM | 2006-04-19 | 2011-03-08 |
| CVE-2006-0908 | PHP-Nuke 7.8 Patched 3.2 allows remote attackers to bypass SQL injection protection mechanisms via /%2a (/*) sequences with t... | 7.5 - HIGH | 2006-02-28 | 2018-10-18 |
| CVE-2006-0907 | SQL injection vulnerability in PHP-Nuke before 7.8 Patched 3.2 allows remote attackers to execute arbitrary SQL commands via ... | 7.5 - HIGH | 2006-02-28 | 2018-10-18 |
| CVE-2006-0805 | The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed challenge/response pairs that only vary once per day based o... | 7.5 - HIGH | 2006-02-21 | 2018-10-18 |
| CVE-2006-0679 | SQL injection vulnerability in index.php in the Your_Account module in PHP-Nuke 7.8 and earlier allows remote attackers to ex... | 7.5 - HIGH | 2006-02-16 | 2018-10-19 |
| CVE-2006-0676 | Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 to 7.8 allows remote attackers to inject arbitrary web... | 4.3 - MEDIUM | 2006-02-13 | 2018-10-19 |
| CVE-2006-0163 | SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to ... | 7.5 - HIGH | 2006-01-11 | 2017-07-20 |
| CVE-2005-4715 | Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, when magic_quotes_gpc is disabled, allow remote attack... | 7.5 - HIGH | 2005-12-31 | 2017-07-20 |
| CVE-2005-4260 | Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and later allows remote attackers to perform cross-site scri... | 4.3 - MEDIUM | 2005-12-15 | 2018-10-19 |
| CVE-2005-3792 | Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patc... | 7.5 - HIGH | 2005-11-24 | 2018-10-19 |