CVE-2006-0907
PHP-Nuke vulnerability CVE-2006-0907 affects PHP-Nuke before 7.8, patched 3.2, where remote attackers can inject SQL via encoded /%2a (/*) sequences in the query string (e.g., kala parameter) that bypass regex protections. The issue enables arbitrary SQL execution and requires an upgrade to the p...