Phpnuke : Security vulnerabilities, CVEs sql injection published in 2003

CVE-2003-1340

Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279.

Max CVSS

6.5

EPSS Score

0.09%

Published

2003-12-31

Updated

2018-10-19

1 vulnerabilities found

Phpnuke : Security Vulnerabilities, CVEs, Published In 2003 (Sql injection)

CVE-2003-1340