Vulnerabilities > CVE-2005-1048 - Unspecified vulnerability in Postnuke Software Foundation Postnuke 0.760Rc3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote attackers to execute arbitrary SQL statements via the sid parameter. NOTE: the vendor reports that they could not reproduce the issues for 760 RC3, or for .750.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://digitalparadox.org/advisories/postnuke.txt
- http://secunia.com/advisories/14868/
- http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2679
- http://www.osvdb.org/15371
- http://securitytracker.com/id?1013670
- http://marc.info/?l=bugtraq&m=111298226029957&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20019