Vulnerabilities > CVE-2004-2295 - Input Validation vulnerability in PHP-Nuke
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to execute arbitrary SQL commands via the order parameter.
Vulnerable Configurations
Exploit-Db
description | PHP-Nuke 6.x/7.x Reviews Module order Parameter SQL Injection. CVE-2004-2295. Webapps exploit for php platform |
id | EDB-ID:24192 |
last seen | 2016-02-02 |
modified | 2004-06-11 |
published | 2004-06-11 |
reporter | Janek Vind |
source | https://www.exploit-db.com/download/24192/ |
title | PHP-Nuke 6.x/7.x Reviews Module order Parameter SQL Injection |