header-logo
Suggest Exploit
vendor:
PHPNuke
by:
SecurityFocus
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: PHPNuke
Affected Version From: 6
Affected Version To: 6
Patch Exists: YES
Related CWE: N/A
CPE: a:phpnuke:phpnuke
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

SQL Injection Vulnerability in PHPNuke

Due to insufficient sanitization of variables used in SQL queries, it is possible to modify the logic of SQL queries. This issue could result in a denial of service attack or the corruption of database information.

Mitigation:

Input validation should be used to ensure that user-supplied data is properly sanitized before being used in SQL queries.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5799/info

A SQL injection vulnerability has been discovered in PHPNuke.

Due to insufficient sanitization of variables used in SQL queries, it is possible to modify the logic of SQL queries.

This issue could result in a denial of service attack or the corruption of database information.

This issue was reported in PHPNuke version 6.0. Other versions may also be affected. 

http://www.nukesite.com/modules.php?name=News&file=article&sid=1234%20or%
201=1

Navigation

Suggest Exploit

Services By CQR