BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
PHP-Nuke code injection in Yearly Stats at Statistics module
May 17 2003 10:33AM
Lorenzo Manuel Hernandez Garcia-Hierro (security lorenzohgh com)
-------
Product: PHP-Nuke
Vendor: Francisco Burci
Versions Vulnerable:
6.0 without patches ,
6.0 with index.php and mainfile.php patches.
5.5 with patches ( all resting script tags)
No vulnerable:
6.0 with mainfile.php patch for block url tags inclusions ( not all ).
5.5 with script t...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
-------
Product: PHP-Nuke
Vendor: Francisco Burci
Versions Vulnerable:
6.0 without patches ,
6.0 with index.php and mainfile.php patches.
5.5 with patches ( all resting script tags)
No vulnerable:
6.0 with mainfile.php patch for block url tags inclusions ( not all ).
5.5 with script t...
[ more ]