CVE-2008-4804
The CVE-2008-4804 entry describes an SQL injection in the Gallery module 1.3 for PHP-Nuke, allowing remote attackers to execute arbitrary SQL via the aid parameter in showalbum (index.php). Affected component: Gallery module 1.3 for PHP-Nuke; root cause: unsanitized input in the showalbum action ...