

Good Patch to Multiple [XSS] Vulnerabilities in PHP-Nuke 7.4







09/07/2004 02:16 PM

Pierquinto Manco (Sep 06 2004)









Similar Items


Grok Headline matches for Good Patch to Multiple [XSS] Vulnerabilities in PHP-Nuke 7.4

PHP-Nuke 7.4 Multiple XSS
Vulnerabilities Patch
09/07/2004 04:13 PM
Pierquinto Manco (Sep 05 2004)

Multiple vulnerabilities PHP-Nuke Video
Gallery Module for PHP-Nuke
04/27/2004 12:59 PM
k1LL3r B0y (Apr 26 2004)

RE: Multiple vulnerabilities PHP-Nuke 06/08/2004 01:43 PM
Jeruvy (Jun 08 2004)

PHP-Nuke Multiple Vulnerabilities 05/07/2004 07:06 PM
Allowing malicious people to conduct Cross Site Scripting and SQL injection attacks

Multiple vulnerabilities PHP-Nuke 06/07/2004 06:58 PM
Dark Bicho (Jun 07 2004)

Multiple Sql injection, and multiple XSS
vulnerabilities in Photopost PHP Pro
Photo Gallery Software
03/28/2005 07:59 PM
dcrab_at_hackerscenter.com (Mar 28 2005)

Multiple Sql injection, and multiple XSS
vulnerabilities in Photopost PHP Pro
Photo Gallery Software.
03/28/2005 07:59 PM
dcrab_at_hackerscenter.com (Mar 28 2005)

RE: Multiple Sql injection, and multiple
XSS vulnerabilities in Photopost PHP
Pro Photo Gallery Software.
03/29/2005 08:40 PM
GulfTech Security Research (Mar 28 2005)

Re: Multiple Sql injection, and multiple
XSS vulnerabilities in Photopost PHP Pro
Photo Gallery Software.
03/30/2005 05:16 PM
dcrab_at_hackerscenter.com (Mar 30 2005)

Multiple Sql injection, and multiple XSS
vulnerabilities in Easy Community
Management System Forum (E-XOOPS)
03/28/2005 07:59 PM
dcrab_at_hackerscenter.com (Mar 27 2005)

Multiple multiple sql injection/errors
and xss vulnerabilities in OneWorldStore
04/14/2005 07:25 PM
Posted by dcrab, Apr 14 2005

Community News: Vulnerabilities in
PHP-Nuke
05/07/2004 07:54 AM
In a new security advisory posted late yesterday, Secunia has a few new issues with PHP-Nuke (v6.x and v7.x):
  • If error messages haven't been turned off in PHP, the "Downloads" module will return error messages if an invalid value is supplied to the "show" parameter. This can be exploited to reveal the installation path.
  • Input passed to the "ttitle" and "sid" parameters in the "Downloads" module isn't properly verified before it is returned to the user. This can be exploited to execute arbitrary HTML or script code in a user's browser session in context of an affected site by tricking the user into visiting a malicious website or following a specially crafted link.
  • Input passed to the "orderby" and "sid" parameters in the "Downloads" module isn't properly verified before it is used in an SQL insert query. This can be exploited by malicious people to manipulate SQL queries by injecting arbitrary SQL code.
My personal favorite - the solution: Use another product. Somehow, I think most of the PHP community could have told you that...

Multiple TTT-C XSS vulnerabilities 05/17/2004 01:39 PM
Kaloyan Georgiev (May 16 2004)

Patch Issued for IE Vulnerabilities 02/10/2004 02:44 AM
"...fixes for three major security flaws related to its Internet Explorer browser for surfing the Web..."

ASPRunner Multiple Vulnerabilities 07/26/2004 04:07 PM
Ferruh Mavituna (Jul 26 2004)

Multiple Vulnerabilities in FlatNuke 01/03/2005 05:18 PM
Pierquinto Manco (Jan 02 2005)

[IPS] osCommerce multiple XSS
vulnerabilities
03/20/2003 12:59 PM
Daniel Alcántara de la Hoz (Mar 20 2003)

Multiple phpCoin Vulnerabilities 03/29/2005 08:40 PM
GulfTech Security Research (Mar 29 2005)

Multiple vulnerabilities in P4DB 05/05/2004 06:25 PM
Jon McClintock (May 05 2004)

Re: Multiple Vulnerabilities in Moodle 12/30/2004 11:25 PM
Martin Dougiamas (Dec 30 2004)

Multiple Vulnerabilities in
phpScheduleIt
08/31/2004 08:43 PM
Joxean Koret (Aug 31 2004)

Multiple Vulnerabilities in Phorum 3.4.5 01/06/2004 11:58 AM
Calum Power (Jan 05 2004)

Multiple PhotoPost Pro Vulnerabilities 01/04/2005 05:26 PM
GulfTech Security (Jan 03 2005)

Multiple Vulnerabilities Sybase Anywhere
9
12/10/2003 01:52 PM
Next Generation Insight Security Research (NGS Software) (Dec 10 2003)

Multiple vulnerabilities in WWW
Fileshare Pro <= 2.42
01/16/2004 10:59 AM
Luigi Auriemma (Jan 14 2004)

RapidCache Multiple Vulnerabilities 01/16/2004 10:59 AM
Peter Winter-Smith (Jan 15 2004)

Visitorbook LE Multiple Vulnerabilities 12/10/2003 01:52 PM
Paul Johnston (Dec 10 2003)

Multiple Vulnerabilities In phpWebsite 09/02/2004 10:16 AM
GulfTech Security (Aug 31 2004)

Multiple XSS vulnerabilities in ACS Blog 03/28/2005 07:59 PM
Dan Crowley (Mar 28 2005)

Multiple vulnerabilities paFileDB 04/27/2004 08:04 PM
k1LL3r B0y (Apr 27 2004)

Multiple vulnerabilities PowerPortal 06/28/2004 01:06 PM
DarkBicho (Jun 27 2004)

Multiple Vulnerabilities In OpenBB 04/26/2004 07:06 PM
JeiAr (Apr 25 2004)

Multiple WHM Autopilot Vulnerabilities 12/28/2004 03:27 PM
GulfTech Security (Dec 28 2004)

Multiple vulnerabilities in eNdonesia
CMS
08/04/2004 03:24 PM
ahmad muammar (Aug 03 2004)

Re: Asp Portal Multiple Vulnerabilities 02/16/2004 06:44 PM
Manuel López (Feb 14 2004)

Brinkster Multiple Vulnerabilities 02/10/2004 02:57 AM
Ferruh Mavituna (Feb 09 2004)

Red-M Red-Alert Multiple Vulnerabilities 02/10/2004 02:57 AM
Bruno Morisson (Feb 09 2004)

ASP Portal Multiple Vulnerabilities 02/16/2004 02:36 PM
Manuel López (Feb 13 2004)

Mac OS X Multiple Unspecified
Vulnerabilities
05/31/2004 11:39 PM
“Apple has issued an updated version of Mac OS X, which fixes some unspecified vulnerabilities.”