Lucene search
MitreCVELIST:CVE-2004-1949HistoryMay 10, 2005 - 4:00 a.m.
CVE-2004-1949
2005-05-1004:00:00
mitre
www.cve.org
1
SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via (1) the sif parameter to index.php in the Comments module or (2) timezoneoffset parameter to changeinfo.php in the Your_Account module.
References
lists.grok.org.uk/pipermail/full-disclosure/2004-April/020154.html
marc.info/?l=bugtraq&m=108256503718978&w=2
news.postnuke.com/Article2580.html
secunia.com/advisories/11386
securitytracker.com/id?1009801
www.osvdb.org/5368
www.osvdb.org/5369
www.securityfocus.com/bid/10146
exchange.xforce.ibmcloud.com/vulnerabilities/15869
exchange.xforce.ibmcloud.com/vulnerabilities/15875
