Ravenphpscripts Ravennuke — known CVE vulnerabilities
Every CVE whose affected-product data names Ravenphpscripts Ravennuke, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2009-0672 — CVSS 6.5 (medium): SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to…
CVE-2009-0673 — CVSS 6.5 (medium): Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote…
CVE-2009-0677 — CVSS 6.5 (medium): avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated…
CVE-2009-0674 — CVSS 6.0 (medium): images/captcha.php in Raven Web Services RavenNuke 2.30, when register_globals and display_errors are enabled, allows remote attackers to…
CVE-2009-0678 — CVSS 5.0 (medium): images/captcha.php in RavenNuke 2.30 allows remote attackers to obtain sensitive information via an aFonts array parameter value that does…
CVE-2009-0679 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Your Account module in RavenNuke 2.30 allows remote attackers to inject arbitrary web…