CVE-2004-0732

CVE-2004-0732 describes a SQL injection in Php-Nuke’s Search module (index.php) exploitable via the instory parameter. Root cause: insufficient input validation in the Search module, enabling remote attackers to inject arbitrary SQL. Impact per CVSSv2 is partial disclosure, modification, and disr...