SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   


View Topics  >  Target  >  PostNuke

Jul 1 2005   (PostNuke Issues Advisory) XML-RPC for PHP Lets Remote Users Execute Arbitrary PHP Code
May 27 2005   PostNuke Input Validation Error in 'readpmsg.php' Permits SQL Injection and Cross-Site Scripting Attacks
Apr 9 2005   PostNuke Input Validation Holes in News Module Permits SQL Injection and in 'admin.php' and 'user.php' Permit Cross-Site Scripting Attacks
Feb 28 2005   PostNuke Input Validation Holes in 'pnadmin', 'dl-util', 'dl-search' and Other Scripts Let Remote Users Inject SQL Commands
Oct 26 2004   PostNuke Downloads Site May Have Been Compromised
Sep 21 2004   PostNuke 'admin.php' and Other Files Disclose Installation Path to Remote Users
Sep 10 2004   Subjects Postnuke Module Input Validation Hole Lets Remote Users Inject SQL Commands
Jul 22 2004   PostNuke 'install.php' Discloses Administrator Password to Remote Users
Jul 18 2004   PostNuke Input Validation Hole in Reviews Module 'title' Field Permits Cross-Site Scripting Attacks
Apr 21 2004   PostNuke Downloads, Web_Links, 'openwindow.php' Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks
Apr 19 2004   PostNuke NS-Polls Input Validation Hole in 'pn_uid' Permits SQL Injection
Apr 15 2004   PostNuke Input Validation Flaw in 'NS-Your_Account' Module Lets Remote Users Inject SQL Commands
Jan 7 2004   PostNuke Input Validation Flaw in 'sortby' Variable in 'members_list' Module Permits SQL Injection
Aug 8 2003   PostNuke 'ttitle' Variable in 'Web_Links' Modules Permits Remote Cross-Site Scripting Attacks
May 26 2003   PostNuke Input Validation Flaws in Glossary May Allow SQL Injection
Mar 10 2003   PostNuke Input Validation Bugs in Members_List and in the 'theme' Variable Let Remote Users Inject SQL Commands and Execute Scripts on the System
Nov 18 2002   (Vendor Issues Fix) Re: PostNuke Input Filtering Error in 'modules.php' Facilitates Remote Cross-Site Scripting Attacks
Nov 8 2002   PostNuke Input Filtering Error in 'modules.php' Facilitates Remote Cross-Site Scripting Attacks
Mar 29 2002   PostNuke 'user.php' Flaw Lets Remote Users Specify a Remote Server Path for the $caselist Variable, Allowing Arbitrary Code to Be Executed on the PostNuke Server
Mar 22 2002   PostNuke Multiple Input Validation Flaws Allow Cross-Site Scripting Attacks
Jan 7 2002   PostNuke Downloads Module 'ttitle' Parameter Allows Cross-Site Scripting Attacks
Dec 3 2001   PostNuke Displays User-Supplied HTML Without Escaping The Code, Facilitating Cross-Site Scripting Attacks
Nov 23 2001   Post-Nuke Discloses Administrator Password in Authentication Cookie
Oct 13 2001   Post-Nuke Web Portal Software Authentication Flaw Lets Remote Users Access User Accounts Without Requiring the Password







Home   |    View Topics   |    Search   |    Contact Us

Copyright 2012, SecurityGlobal.net LLC