Postnuke Software Foundation : Security Vulnerabilities, CVEs, Published In 2005 (Sql injection) CVSS score >= 3
SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php.
Max CVSS
7.5
EPSS Score
1.23%
Published
2005-08-24
Updated
2008-09-05
SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to execute arbitrary SQL commands via the start parameter.
Max CVSS
7.5
EPSS Score
0.31%
Published
2005-05-31
Updated
2016-10-18
SQL injection vulnerability in pnadmin.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to execute arbitrary SQL commands via the riga[0] parameter.
Max CVSS
7.5
EPSS Score
0.15%
Published
2005-05-24
Updated
2016-10-18
Multiple SQL injection vulnerabilities in Xanthia.php in the Xanthia module in PostNuke 0.750 allow remote attackers to execute arbitrary SQL commands via the (1) name or (2) module parameter.
Max CVSS
7.5
EPSS Score
0.15%
Published
2005-05-24
Updated
2016-10-18
SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote attackers to execute arbitrary SQL statements via the sid parameter. NOTE: the vendor reports that they could not reproduce the issues for 760 RC3, or for .750.
Max CVSS
7.5
EPSS Score
0.79%
Published
2005-05-02
Updated
2017-07-11
SQL injection vulnerability in dl-search.php in PostNuke 0.750 and 0.760-RC2 allows remote attackers to execute arbitrary SQL commands via the show parameter.
Max CVSS
7.5
EPSS Score
0.26%
Published
2005-05-02
Updated
2016-10-18
Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNuke 0.760-RC2 allow remote attackers to execute arbitrary SQL code via the catid parameter.
Max CVSS
7.5
EPSS Score
0.20%
Published
2005-05-02
Updated
2016-10-18
7 vulnerabilities found