Vulnerability in N/a
CVE-2005-3792
Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a sto…
EPSS: 0.693 (98.7th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 20051115 Critical SQL Injection PHPNuke <= 7.8 (mailing-list, x_refsource_FULLDISC)
- 20051115 Critical SQL Injection PHPNuke <= 7.8 (mailing-list, x_refsource_BUGTRAQ)
- 20060219 [waraxe-2006-SA#046] - Critical sql injection in phpNuke 7.5-7.8 (mailing-list, x_refsource_BUGTRAQ)
- www.waraxe.us/advisory-46.html (x_refsource_MISC)
- 1015651 (vdb-entry, x_refsource_SECTRACK)
- phpnuke-query-sql-injection(23079) (vdb-entry, x_refsource_XF)
- 20866 (x_refsource_OSVDB, vdb-entry)
- securityreason.com/achievement_exploitalert/5 (x_refsource_MISC)
- ADV-2005-2446 (vdb-entry, x_refsource_VUPEN)
- 1015215 (vdb-entry, x_refsource_SECTRACK)