Multiple vulnerabilities PHP-Nuke Video Gallery Module for PHP-Nuke

Grok Headline matches for Multiple vulnerabilities PHP-Nuke Video Gallery Module for PHP-Nuke

RE: Multiple vulnerabilities PHP-Nuke

RE: Multiple vulnerabilities PHP-Nuke 06/08/2004 01:43 PM
Jeruvy (Jun 08 2004)

PHP-Nuke Multiple Vulnerabilities

PHP-Nuke Multiple Vulnerabilities 05/07/2004 07:06 PM
Allowing malicious people to conduct Cross Site Scripting and SQL injection attacks

Multiple vulnerabilities PHP-Nuke

Multiple vulnerabilities PHP-Nuke 06/07/2004 06:58 PM
Dark Bicho (Jun 07 2004)

PHP-Nuke 7.4 Multiple XSS
Vulnerabilities Patch

PHP-Nuke 7.4 Multiple XSS
Vulnerabilities Patch 09/07/2004 04:13 PM
Pierquinto Manco (Sep 05 2004)

Good Patch to Multiple [XSS]
Vulnerabilities in PHP-Nuke 7.4

Good Patch to Multiple [XSS]
Vulnerabilities in PHP-Nuke 7.4 09/07/2004 02:16 PM
Pierquinto Manco (Sep 06 2004)

Community News: Vulnerabilities in
PHP-Nuke

Community News: Vulnerabilities in
PHP-Nuke 05/07/2004 07:54 AM
In a new security advisory posted late yesterday, Secunia has a few new issues with PHP-Nuke (v6.x and v7.x):

• If error messages hasn't been turned off in PHP, the "Downloads" module will return error messages if an invalid value is supplied to the "show" parameter. This can be exploited to reveal the installation path.
• Input passed to the "ttitle" and "sid" parameters in the "Downloads" module isn't properly verified before it is returned to the user. This can be exploited to execute arbitrary HTML or script code in a user's browser session in context of an affected site by tricking the user into visiting a malicious website or follow a specially crafted link.
• Input passed to the "orderby" and "sid" parameters in the "Downloads" module isn't properly verified before it is used in an SQL insert query. This can be exploited by malicious people to manipulate SQL queries by injecting arbitrary SQL code.

My personal favorite - the solution: Use another product. Somehow, I think most of the PHP community could have told you that...

Multiple Sql injection, and multiple XSS
vulnerabilities in Photopost PHP Pro
Photo Gallery Software

Multiple Sql injection, and multiple XSS
vulnerabilities in Photopost PHP Pro
Photo Gallery Software 03/28/2005 07:59 PM
dcrab_at_hackerscenter.com (Mar 28 2005)

Multiple Sql injection, and multiple XSS
vulnerabilities in Photopost PHP Pro
Photo Gallery Software.

Multiple Sql injection, and multiple XSS
vulnerabilities in Photopost PHP Pro
Photo Gallery Software. 03/28/2005 07:59 PM
dcrab_at_hackerscenter.com (Mar 28 2005)

Re: Multiple Sql injection, and multiple
XSS vulnerabilities in Photopost PHP Pro
Photo Gallery Software.

Re: Multiple Sql injection, and multiple
XSS vulnerabilities in Photopost PHP Pro
Photo Gallery Software. 03/30/2005 05:16 PM
dcrab_at_hackerscenter.com (Mar 30 2005)

RE: Multiple Sql injection, and multiple
XSS vulnerabilities in Photopost PHP
Pro Photo Gallery Software.

RE: Multiple Sql injection, and multiple
XSS vulnerabilities in Photopost PHP
Pro Photo Gallery Software. 03/29/2005 08:40 PM
GulfTech Security Research (Mar 28 2005)

[SECURITYREASON.COM] phpnuke 7.6
Multiple vulnerabilities in Downloads
Module cXIb8O3.13

[SECURITYREASON.COM] phpnuke 7.6
Multiple vulnerabilities in Downloads
Module cXIb8O3.13 04/07/2005 10:50 PM
Posted by Maksymilian Arciemowicz, Apr 07 2005

[SECURITYREASON.COM] phpnuke 7.6
Multiple vulnerabilities in Web_Links
Module cXIb8O3.14

[SECURITYREASON.COM] phpnuke 7.6
Multiple vulnerabilities in Web_Links
Module cXIb8O3.14 04/07/2005 10:50 PM
Posted by Maksymilian Arciemowicz, Apr 07 2005

[waraxe-2004-SA#028 - Multiple
vulnerabilities in NukeJokes module for
PhpNuke]

[waraxe-2004-SA#028 - Multiple
vulnerabilities in NukeJokes module for
PhpNuke] 05/08/2004 04:15 PM
Janek Vind (May 08 2004)

[waraxe-2004-SA#021 - Multiple
vulnerabilities in phprofession 2.5
module for PostNuke]

[waraxe-2004-SA#021 - Multiple
vulnerabilities in phprofession 2.5
module for PostNuke] 04/21/2004 07:53 PM
Janek Vind (Apr 21 2004)

[waraxe-2004-SA#026 - Multiple
vulnerabilities in Coppermine Photo
Gallery for PhpNuke]

[waraxe-2004-SA#026 - Multiple
vulnerabilities in Coppermine Photo
Gallery for PhpNuke] 05/03/2004 01:59 PM
Janek Vind (May 02 2004)

PHP-Nuke 7.3

PHP-Nuke 7.3 07/21/2004 06:18 AM
PHP Interactive Web Portal System

RPG-Nuke

RPG-Nuke 11/06/2003 07:19 PM
Getting it together

PHP-Nuke ES OP

PHP-Nuke ES OP 04/15/2004 02:24 PM
Inaguración en SourceForge

Nuke-Board

Nuke-Board 11/01/2003 11:48 AM
Nuke-Board development begins

Re: [XSS] PHP-Nuke 7.4 Bugs

Re: [XSS] PHP-Nuke 7.4 Bugs 09/07/2004 06:23 PM
Blaine Elzey (Sep 05 2004)

Newsportal Nuke 0.26

Newsportal Nuke 0.26 09/08/2004 10:10 PM
An adaptation of the original newsportal script.

New Nuke is a blast

New Nuke is a blast 01/27/2004 07:31 PM
Whether running an online community or a blog, PHP-Nuke serves up your content without fuss. PHP-Nuke tries to be all things to all people. ...

[XSS] PHP-Nuke 7.4 AddMsg Bug

[XSS] PHP-Nuke 7.4 AddMsg Bug 09/07/2004 02:16 PM
Pierquinto Manco (Sep 05 2004)

pJirc-Nuke

pJirc-Nuke 09/06/2004 05:09 AM
pJirc Nuke Project

geoURL, RSS, and PHP-Nuke

geoURL, RSS, and PHP-Nuke 01/14/2003 09:22 AM
Jon of Inphidelphia.com has created a PHP-Nuke module that integrates my RSS parser with the services provided by GeoURL. Just provide the module with your lattitude/longitude coordinates and it will output links to all the blogs near you. You can download Parse_geoURL here.

[XSS] PHP-Nuke 7.4 DelAdmin Bug

[XSS] PHP-Nuke 7.4 DelAdmin Bug 09/05/2004 09:29 AM
Pierquinto Manco (Sep 04 2004)

Port-A-Nuke

Port-A-Nuke 09/03/2004 02:15 PM

Nuke Comics 0.5.2

Nuke Comics 0.5.2 04/14/2004 05:07 PM
A comics organizing script for PHP-Nuke.

[XSS] PHP-Nuke 7.4 ViewAdmin Bug

[XSS] PHP-Nuke 7.4 ViewAdmin Bug 09/05/2004 12:39 AM
Pierquinto Manco (Sep 04 2004)

PHP-Nuke Filtering Bugs

PHP-Nuke Filtering Bugs 05/24/2002 11:27 AM

5 Fired In Nuke Lab Scandal

5 Fired In Nuke Lab Scandal 09/15/2004 09:48 PM
CBS News Sep 16 2004 0:41AM GMT

Stewart Brand, pro-nuke?

Stewart Brand, pro-nuke? 04/08/2005 12:19 PM
David Pescovitz: In the new issue of Technology Review, Whole Earth Catalog founder Stewart Brand outlines a surprising new plan for saving the environment, including a case for going nuclear:

So everything must be done to increase energy efficiency and decarbonize energy production. Kyoto accords, radical conservation in energy transmission and use, wind energy, solar energy, passive solar, hydroelectric energy, biomass, the whole gamut. But add them all up and it’s still only a fraction of enough. Massive carbon “sequestration” (extraction) from the atmosphere, perhaps via biotech, is a widely held hope, but it’s just a hope. The only technology ready to fill the gap and stop the carbon dioxide loading of the atmosphere is nuclear power.

Nuclear certainly has problems—accidents, waste storage, high construction costs, and the possible use of its fuel in weapons. It also has advantages besides the overwhelming one of being atmospherically clean. The industry is mature, with a half-century of experience and ever improved engineering behind it. Problematic early reactors like the ones at Three Mile Island and Chernobyl can be supplanted by new, smaller-scale, meltdown-proof reactors like the ones that use the pebble-bed design. Nuclear power plants are very high yield, with low-cost fuel. Finally, they offer the best avenue to a “hydrogen economy,” combining high energy and high heat in one place for optimal hydrogen generation.

The storage of radioactive waste is a surmountable problem (see “A New Vision for Nuclear Waste,” December 2004). Many reactors now have fields of dry-storage casks nearby. Those casks are transportable. It would be prudent to move them into well-guarded centralized locations. Many nations address the waste storage problem by reprocessing their spent fuel, but that has the side effect of producing material that can be used in weapons. One solution would be a global supplier of reactor fuel, which takes back spent fuel from customers around the world for reprocessing. That’s the kind of idea that can go from “Impractical!” to “Necessary!” in a season, depending on world events.

Link

Nuke trouble in Japan

Nuke trouble in Japan 08/09/2004 07:48 AM
USA Today Aug 9 2004 12:01PM GMT

Are UK Nuke Reactors in Trouble?

Are UK Nuke Reactors in Trouble? 03/27/2005 03:48 PM
Technocrat.net Mar 27 2005 7:15PM GMT

[XSS] PHP-Nuke 7.4 Newsletter Injection
Bug

[XSS] PHP-Nuke 7.4 Newsletter Injection
Bug 09/07/2004 02:16 PM
Pierquinto Manco (Sep 05 2004)

Nuke Mosquito, End Malaria?

Nuke Mosquito, End Malaria? 04/26/2004 04:53 AM
An experiment by the United Nations uses nuclear technology to attempt to eradicate the malaria mosquitoes that transmit the disease. The effort is aimed at helping Sub-Saharan Africa.

FreeSoftwareReviews: PHP-Nuke Security
Tools

FreeSoftwareReviews: PHP-Nuke Security
Tools 09/09/2004 09:01 AM
OpenSource at its best: A comprehensive overview on Security Tools for PHPNuke & osc2nuke. Here is a comparison of the advertised features of 7 tools for protecting PHP-Nuke-based websites. Each tool has its own unique features to help you protect your Php-Nuke-based website. This comparison can help you choose among alternatives. NOW INCLUDES SENTINEL 2.0.2, Intrusos and myNukeSecurity 1.01.

[XSS]/SQL Injection PHP-Nuke Delete
Message(s) Bug

[XSS]/SQL Injection PHP-Nuke Delete
Message(s) Bug 09/08/2004 05:51 PM
bima tampan (Sep 07 2004)

Nuke Lab Lawyer Defends Actions

Nuke Lab Lawyer Defends Actions 03/13/2003 10:23 AM
Testifying before a House committee, the chief attorney for Los Alamos Labs says he didn't mean to obstruct an FBI investigation of the embattled facility. By Noah Shachtman.
Grok Description matches for Multiple vulnerabilities PHP-Nuke Video Gallery Module for PHP-Nuke
GrokA matches for Multiple vulnerabilities PHP-Nuke Video Gallery Module for PHP-Nuke

Multiple vulnerabilities PHP-Nuke Video Gallery Module for PHP-Nuke

The following phrases have been identified by the grok system as matching this entry: