Lucene search
HistoryApr 20, 2009 - 2:30 p.m.
CVE-2008-6728
cve-2008-6728
sql injection
php-nuke
remote attack
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.0%
SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
Affected configurations
Node
phpnukephp-nukeRange≤7.9
ORphpnukephp-nukeMatch5.0
ORphpnukephp-nukeMatch5.0.1
ORphpnukephp-nukeMatch5.1
ORphpnukephp-nukeMatch5.2
ORphpnukephp-nukeMatch5.3
ORphpnukephp-nukeMatch5.3.1
ORphpnukephp-nukeMatch5.4
ORphpnukephp-nukeMatch5.5
ORphpnukephp-nukeMatch5.6
ORphpnukephp-nukeMatch6.0
ORphpnukephp-nukeMatch6.5
ORphpnukephp-nukeMatch6.6
ORphpnukephp-nukeMatch6.7
ORphpnukephp-nukeMatch6.8
ORphpnukephp-nukeMatch6.9
ORphpnukephp-nukeMatch7.0
ORphpnukephp-nukeMatch7.1
ORphpnukephp-nukeMatch7.2
ORphpnukephp-nukeMatch7.3
ORphpnukephp-nukeMatch7.4
ORphpnukephp-nukeMatch7.5
ORphpnukephp-nukeMatch7.6
ORphpnukephp-nukeMatch7.7
ORphpnukephp-nukeMatch7.8
Related
prion
prion
Sql injection
2009-04-20 14:30:00
cvelist
cvelist
CVE-2008-6728
2009-04-20 14:06:00
nvd
nvd
CVE-2008-6728
2009-04-20 14:30:00
openvas
openvas
PHP-Nuke Sections Module SQL Injection Vulnerability
2009-04-24 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.0%
Related for CVE-2008-6728