Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x up to and including 6.5 allows remote malicious users to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
francisco burzi php-nuke 5.0 |
||
francisco burzi php-nuke 6.0 |