Published: 31/12/2002 Updated: 14/02/2024

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

sql_layer.php in PHP-Nuke 5.4 and previous versions does not restrict access to debugging features, which allows remote malicious users to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
francisco burzi php-nuke 4.0
francisco burzi php-nuke 5.3.1
francisco burzi php-nuke 5.1
francisco burzi php-nuke 4.3
francisco burzi php-nuke 1.0
francisco burzi php-nuke 4.4
francisco burzi php-nuke 2.5
francisco burzi php-nuke 3.0
francisco burzi php-nuke 5.0
francisco burzi php-nuke 5.4
francisco burzi php-nuke 5.2a
francisco burzi php-nuke 5.0.1
francisco burzi php-nuke 5.2
francisco burzi php-nuke 4.4.1a

source: wwwsecurityfocuscom/bid/3906/info PHPNuke is a website creation/maintenance tool It is can be back-ended by a number of database products such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc The sql_layerphp script contains a debugging feature that may be used by attackers to disclose sensitive information about all SQL que ...

NVD-CWE-Other http://www.securityfaq.com/unixfocus/5OP041P6BE.html http://www.securityfocus.com/bid/3906 https://nvd.nist.gov https://www.exploit-db.com/exploits/21233/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-2032

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect