PHP-Nuke 6.5 (Multiple Downloads Module) - SQL Injection
| EKU-ID: 28073 | CVE: CVE-2003-1210;OSVDB-20206 | OSVDB-ID: |
| Author: Albert Puigsech Galicia | Published: 2003-05-13 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28073 | CVE: CVE-2003-1210;OSVDB-20206 | OSVDB-ID: |
| Author: Albert Puigsech Galicia | Published: 2003-05-13 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7588/info PHP-Nuke is reportedly prone to multiple SQL injection vulnerabilities in the Downloads module. Exploitation could allow for injection of malicious SQL syntax, resulting in modification of SQL query logic or other attacks. http://www.example.com/modules.php?name=Downloads&d_op=getit&lid=2%20<our_code> where <our_code> represents SQL code that can be injected.