Описание
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-0302
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48186
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71475
- http://1337day.com/exploits/15481
- http://osvdb.org/51633
- http://osvdb.org/77349
- http://www.exploit-db.com/exploits/18148
- http://www.securityfocus.com/archive/1/500335/100/0/threaded
- http://www.securityfocus.com/bid/33410
- http://www.securityfocus.com/bid/50770
Связанные уязвимости
nvd
больше 16 лет назад
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.