SQL Injection in Php-nuke Recipe_module
CVE-2008-7226
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter.
Vulnerability class: SQL Injection
EPSS: 0.010 (57.5th percentile) — read the EPSS interpretation.
Affected products
- Php-nuke Recipe_module — versions 1.3, 1.4
- Phpnuke Php-nuke
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (vdb-entry, x_refsource_XF)