SQL Injection in Phpnuke Php-nuke

CVE-2009-1842

SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header.

Vulnerability class: SQL Injection

EPSS: 0.010 (57.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References