PHP-Nuke Web_Links Module - 'cid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27894/info The PHP-Nuke WebLinks module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacke...

PHP-Nuke Web_Links Module - cid SQL Injection

PHP-Nuke WebLinks Module - cid SQL Injection source: https://www.securityfocus.com/bid/27894/info The PHP-Nuke WebLinks module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow...

CVE-2005-0998

The WebLinks module for PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server...

CVE-2005-0997

Multiple SQL injection vulnerabilities in the WebLinks module for PHP-Nuke 7.6 allow remote attackers to execute arbitrary SQL commands via 1 the email or url parameters in the Add function, 2 the url parameter in the modifylinkrequestS function, 3 the orderby or min parameters in the viewlink...