Vulnerabilities > CVE-2004-1929 - SQL Injection vulnerability in PHP-Nuke
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 allows remote attackers to bypass authentication and gain access by injecting base64-encoded SQL code into the user parameter.
Vulnerable Configurations
Exploit-Db
description | PHP-Nuke 6.x/7.x Multiple SQL Injection Vulnerabilities. CVE-2004-1929. Webapps exploit for php platform |
id | EDB-ID:23998 |
last seen | 2016-02-02 |
modified | 2004-04-13 |
published | 2004-04-13 |
reporter | waraxe |
source | https://www.exploit-db.com/download/23998/ |
title | PHP-Nuke 6.x/7.x - Multiple SQL Injection Vulnerabilities |