CVE-2007-0309
CVE-2007-0309 describes an SQL injection in PHP-Nuke 7.9 and earlier, via blocks/block-Old_Articles.php when register_globals is enabled and magic_quotes_gpc is disabled. A remote attacker can use the cat parameter to execute arbitrary SQL commands. The vulnerability is evidenced across the CVE/N...