Sql injection

2008-07-1122:41:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.5%

JSON

SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_dvd action.

CPENameOperatorVersion
4ndvddbeq0.91
4ndvddbeq0.91

CPE	Name	Operator	Version
	4ndvddb	eq	0.91
	4ndvddb	eq	0.91

References

secunia.com/advisories/30976

securityreason.com/securityalert/3986

www.securityfocus.com/archive/1/494013/100/0/threaded

www.securityfocus.com/bid/30120

exchange.xforce.ibmcloud.com/vulnerabilities/43626