Back to search
CVE-2005-3304
Published: Oct 25, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://rgod.altervista.org/phpnuke78sql.html
x_refsource_MISC
phpnuke-multiple-modules-sql-injection(22851)
vdb-entry
x_refsource_XF
15178
vdb-entry
x_refsource_BID
20051023 PhpNuke 7.8 with all security fixes/patches "Your_Account",
mailing-list
x_refsource_BUGTRAQ
20293
vdb-entry
x_refsource_OSVDB
17315
third-party-advisory
x_refsource_SECUNIA
20292
vdb-entry
x_refsource_OSVDB
ADV-2005-2191
vdb-entry
x_refsource_VUPEN
20291
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now