SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 up to and including 6.9 allows remote malicious users to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
francisco burzi php-nuke 6.5 |
||
francisco burzi php-nuke 6.5_beta1 |
||
francisco burzi php-nuke 6.9 |
||
warpspeed 4nguestbook 0.92 |
||
francisco burzi php-nuke 6.5_final |
||
francisco burzi php-nuke 6.5_rc1 |
||
francisco burzi php-nuke 6.5_rc2 |
||
francisco burzi php-nuke 6.5_rc3 |
||
francisco burzi php-nuke 6.6 |
||
francisco burzi php-nuke 6.7 |