CVE-2005-3792

Published: Nov 24, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20051115 Critical SQL Injection PHPNuke <= 7.8

mailing-list

x_refsource_FULLDISC

20051115 Critical SQL Injection PHPNuke <= 7.8

mailing-list

x_refsource_BUGTRAQ

20060219 [waraxe-2006-SA#046] - Critical sql injection in phpNuke 7.5-7.8

mailing-list

x_refsource_BUGTRAQ

http://www.waraxe.us/advisory-46.html

x_refsource_MISC

1015651

vdb-entry

x_refsource_SECTRACK

phpnuke-query-sql-injection(23079)

vdb-entry

x_refsource_XF

20866

vdb-entry

x_refsource_OSVDB

http://securityreason.com/achievement_exploitalert/5

x_refsource_MISC

ADV-2005-2446

vdb-entry

x_refsource_VUPEN

1015215

vdb-entry

x_refsource_SECTRACK

17543

third-party-advisory

x_refsource_SECUNIA

15421

vdb-entry

x_refsource_BID

20060221 Re: [waraxe-2006-SA#046] - Critical sql injection in phpNuke 7.5-7.8

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-3792

Description

Affected Products

References