Vulnerabilities > CVE-2004-2354

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

francisco-burzi

warpspeed

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.

Vulnerable Configurations

Part	Description	Count
Application	Francisco_Burzi Francisco Burzi PHP Nuke 6.5_Beta1 Francisco Burzi PHP Nuke 6.5 Francisco Burzi PHP Nuke 6.5_Rc2 Francisco Burzi PHP Nuke 6.5_Rc3 Francisco Burzi PHP Nuke 6.5_Final Francisco Burzi PHP Nuke 6.7 Francisco Burzi PHP Nuke 6.9 Francisco Burzi PHP Nuke 6.5_Rc1 Francisco Burzi PHP Nuke 6.6	9
Application	Warpspeed Warpspeed 4Nguestbook 0.92	1

References

http://archives.neohapsis.com/archives/bugtraq/2004-03/0139.html
http://archives.neohapsis.com/archives/bugtraq/2004-03/0139.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/15478
https://exchange.xforce.ibmcloud.com/vulnerabilities/15478

Vulnerabilities > CVE-2004-2354 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2004-2354"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2004-2354