Vulnerabilities > CVE-2005-1048 - Unspecified vulnerability in Postnuke Software Foundation Postnuke 0.760Rc3

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
postnuke-software-foundation

Summary

SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote attackers to execute arbitrary SQL statements via the sid parameter. NOTE: the vendor reports that they could not reproduce the issues for 760 RC3, or for .750.

Vulnerable Configurations

Part Description Count
Application
Postnuke_Software_Foundation
1