Published: 23/11/2004 Updated: 11/07/2017

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 650

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

SQL injection vulnerability in PHP-Nuke 6.9 and previous versions, and possibly 7.x, allows remote malicious users to inject arbitrary SQL code and gain sensitive information via (1) the category variable in the Search module or (2) the admin variable in the Web_Links module.

Vulnerable Product	Search on Vulmon	Subscribe to Product
francisco burzi php-nuke 1.0
francisco burzi php-nuke 5.0
francisco burzi php-nuke 5.0.1
francisco burzi php-nuke 5.6
francisco burzi php-nuke 6.0
francisco burzi php-nuke 6.7
francisco burzi php-nuke 6.9
francisco burzi php-nuke 2.5
francisco burzi php-nuke 3.0
francisco burzi php-nuke 5.1
francisco burzi php-nuke 5.2
francisco burzi php-nuke 6.5
francisco burzi php-nuke 6.5_beta1
francisco burzi php-nuke 4.0
francisco burzi php-nuke 4.3
francisco burzi php-nuke 5.2a
francisco burzi php-nuke 5.3.1
francisco burzi php-nuke 6.5_final
francisco burzi php-nuke 6.5_rc1
francisco burzi php-nuke 4.4
francisco burzi php-nuke 4.4.1a
francisco burzi php-nuke 5.4
francisco burzi php-nuke 5.5
francisco burzi php-nuke 6.5_rc2
francisco burzi php-nuke 6.5_rc3
francisco burzi php-nuke 6.6

source: wwwsecurityfocuscom/bid/9630/info It has been reported that PHPNuke may prone to a SQL injection vulnerability, due to insufficient sanitization user-supplied input The problem is reported to exist in the $category variable contained within the 'indexphp' page PHPNuke versions 69 and prior have been reported to be prone to th ...

source: wwwsecurityfocuscom/bid/7558/info It has been reported that multiple input validation bugs exist in the Web_Links module used by PHPNuke Because of this, a remote user may be able to access the database and potentially gain access to sensitive information Successful exploitation could result in compromise of the web forums or mo ...

NVD-CWE-Other http://www.securityfocus.com/bid/9630 http://www.scan-associates.net/papers/phpnuke69.txt http://marc.info/?l=bugtraq&m=107643348117646&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15115 https://nvd.nist.gov https://www.exploit-db.com/exploits/23680/

CVE-2004-0269

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect