Total vulnerabilities in the database
Multiple cross-site scripting (XSS) vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "<" instead of a ">" in (1) the onerror attribute of an IMG element, (2) the onload attribute of an IFRAME element, or (3) redirect users to other sites via the META tag.
| Software | From | Fixed in |
|---|---|---|
| phpnuke / php-nuke | 7.3 | 7.3.x |
| phpnuke / php-nuke | 7.4 | 7.4.x |
| phpnuke / php-nuke | 7.1 | 7.1.x |
| phpnuke / php-nuke | 7.9 | 7.9.x |
| phpnuke / php-nuke | 8.0 | 8.0.x |
| phpnuke / php-nuke | 7.5 | 7.5.x |
| phpnuke / php-nuke | 7.2 | 7.2.x |
| phpnuke / php-nuke | 7.7 | 7.7.x |
| phpnuke / php-nuke | 7.8 | 7.8.x |
| phpnuke / php-nuke | 7.0 | 7.0.x |
| phpnuke / php-nuke | 7.6 | 7.6.x |