SQL Injection in Phpnuke Php-nuke

CVE-2011-1480

SQL injection vulnerability in admin.php in the administration backend in Francisco Burzi PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the chng_uid parameter.

Vulnerability class: SQL Injection

EPSS: 0.012 (63.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References