Php-nuke : Security Vulnerabilities, CVEs, Published In 2009 (Sql injection) CVSS score >= 4
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
Max CVSS
4.6
EPSS Score
0.47%
Published
2009-01-27
Updated
2018-10-11
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-09-14
Updated
2019-07-01
SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-07-14
Updated
2018-10-11
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-07-14
Updated
2019-07-01
4 vulnerabilities found