Vulnerabilities > CVE-2005-1048 - Unspecified vulnerability in Postnuke Software Foundation Postnuke 0.760Rc3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote attackers to execute arbitrary SQL statements via the sid parameter. NOTE: the vendor reports that they could not reproduce the issues for 760 RC3, or for .750.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://digitalparadox.org/advisories/postnuke.txt
- http://marc.info/?l=bugtraq&m=111298226029957&w=2
- http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2679
- http://secunia.com/advisories/14868/
- http://securitytracker.com/id?1013670
- http://www.osvdb.org/15371
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20019