Vulnerabilities > CVE-2004-1932 - SQL-Injection vulnerability in PHP-Nuke
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded SQL in the admin parameter.
Vulnerable Configurations
Exploit-Db
description | PHP-Nuke SQL Injection Edit/Save Message(s) Bug. CVE-2004-1932. Webapps exploit for php platform |
id | EDB-ID:465 |
last seen | 2016-01-31 |
modified | 2004-09-16 |
published | 2004-09-16 |
reporter | iko94 |
source | https://www.exploit-db.com/download/465/ |
title | PHP-Nuke SQL Injection Edit/Save Messages Bug |