Vulnerabilities > CVE-2006-0163 - SQL Injection vulnerability in Francisco Burzi PHP-Nuke EV 7.7R1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | PHPNuke 7.7 EV Search Module SQL Injection Vulnerability. CVE-2006-0163. Webapps exploit for php platform |
id | EDB-ID:27058 |
last seen | 2016-02-03 |
modified | 2006-01-09 |
published | 2006-01-09 |
reporter | Lostmon |
source | https://www.exploit-db.com/download/27058/ |
title | PHPNuke 7.7 EV Search Module SQL Injection Vulnerability |