| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-2295 | 7.5 |
SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to execute arbitrary SQL commands via the order parameter.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-2293 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) eid parameter or (2) query parameter to the Encyclopedia module, (3) preview_review function in the R
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-2296 | 5.0 |
The preview_review function in the Reviews module in PHP-Nuke 6.0 to 7.3, when running on Windows systems, allows remote attackers to obtain sensitive information via an invalid date parameter, which generates an error message.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-2297 | 5.0 |
The Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large, out-of-range score parameter.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-2294 | 4.3 |
Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for danger
|
05-09-2008 - 20:43 | 31-12-2004 - 05:00 |