PHP-Nuke 8.0
Approved changes feed: RSS · Atom
cpe:2.3:a:phpnuke:php-nuke:8.0:*:*:*:*:*:*:*
part: a version: 8.0 update: *
| Vendor | Phpnuke (17bc01fb-d507-5bec-aab1-228a9db5d380) |
|---|---|
| Product | Php Nuke (e8cbb970-fa0e-534a-9c75-ef9b208d54b6) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:bitbucket/phpnuke/phpnuke |
purl2cpe | 2026-06-01 10:15:05.439700 |
pkg:github/phpnuke/phpnuke |
purl2cpe | 2026-06-01 10:15:05.439702 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2011-3784 |
vulnerable | 2026-06-03 14:31:21.772768 |
Details available
Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files.
Published: 2011-09-24T00:00:00.000Z
Updated: 2024-09-16T20:02:50.473Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-5083 |
vulnerable | 2026-06-03 14:30:45.086425 |
Details available
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
Published: 2012-02-14T20:00:00.000Z
Updated: 2024-08-07T04:09:38.722Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-1842 |
vulnerable | 2026-06-03 14:29:37.806693 |
Details available
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header.
Published: 2009-06-01T14:00:00.000Z
Updated: 2024-08-07T05:27:54.437Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-4212 |
vulnerable | 2026-06-03 14:28:18.058430 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "<" instead of a ">" in (1) the onerror attribute of an IMG element, (2) the onload attribute of an IFRAME element, or (3) redirect users to other sites via the META tag.
Published: 2007-08-08T01:52:00.000Z
Updated: 2024-08-07T14:46:39.395Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-1449 |
vulnerable | 2026-06-03 14:28:05.533463 |
Details available
Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
Published: 2007-03-14T18:00:00.000Z
Updated: 2024-08-07T12:59:08.673Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-5494 |
vulnerable | 2026-06-03 14:27:46.013417 |
Details available
Multiple PHP remote file inclusion vulnerabilities in modules/My_eGallery/public/displayCategory.php in the pandaBB module for PHP-Nuke allow remote attackers to execute arbitrary PHP code via a URL in the (1) adminpath or (2) basepath parameters. NOTE: this issue might overlap CVE-2006-6795.
Published: 2006-10-25T10:00:00.000Z
Updated: 2024-08-07T19:55:52.802Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.