Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » PHP-Nuke multiple SQL injection vulnerabilities

PHP-Nuke multiple SQL injection vulnerabilities

by Mario Miri on May 24th, 2003 Muptiple SQL injection and path disclosure vulnerabilities have been discovered in PHP-Nuke. The issues exist in Sections, Avantgo, Surveys, Downloads, Reviews, and Web_Links modules.


Vulnerable:
Francisco Burzi PHP-Nuke 5.0
Francisco Burzi PHP-Nuke 5.0.1
Francisco Burzi PHP-Nuke 5.1
Francisco Burzi PHP-Nuke 5.2 a
Francisco Burzi PHP-Nuke 5.2
Francisco Burzi PHP-Nuke 5.3.1
Francisco Burzi PHP-Nuke 5.4
Francisco Burzi PHP-Nuke 5.5
Francisco Burzi PHP-Nuke 5.6
Francisco Burzi PHP-Nuke 6.0
Francisco Burzi PHP-Nuke 6.5 RC3
Francisco Burzi PHP-Nuke 6.5 RC2
Francisco Burzi PHP-Nuke 6.5 RC1
Francisco Burzi PHP-Nuke 6.5 FINAL
Francisco Burzi PHP-Nuke 6.5 BETA 1
Francisco Burzi PHP-Nuke 6.5


Solution:
Currently there are no vendor supplied patches.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »