Francisco Burzi : Security Vulnerabilities, CVEs, Published In June 2003
Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter.
Max CVSS
4.3
EPSS Score
0.12%
Published
2003-06-09
Updated
2016-10-18
Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php.
Max CVSS
2.6
EPSS Score
0.38%
Published
2003-06-16
Updated
2017-07-11
2 vulnerabilities found