CVE-2008-0461
CVE-2008-0461 concerns a SQL injection in PHP-Nuke’s Search module. The vulnerability resides in index.php for PHP-Nuke 8.0 FINAL and earlier when magic_quotes_gpc is disabled. An attacker can craft requests exploiting the sid parameter in a “comments” action to modules.php to execute arbitrary S...