Vulnerabilities > CVE-2001-1460 - Unspecified vulnerability in Postnuke Software Foundation Postnuke 0.62/0.63/0.64

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
postnuke-software-foundation
exploit available
NVD
Published: 2001-10-13
Updated: 2017-07-11

Summary

SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.

Vulnerable Configurations

Part Description Count
Application
Postnuke_Software_Foundation
3

Exploit-Db

descriptionPostNuke 0.6 Unauthenticated User Login Vulnerability. CVE-2001-1460 . Webapps exploit for php platform
idEDB-ID:21119
last seen2016-02-02
modified2001-10-13
published2001-10-13
reporteranonymous
sourcehttps://www.exploit-db.com/download/21119/
titlePostNuke 0.6 Unauthenticated User Login Vulnerability

References