Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0879

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-0879
Last Modified 24 Oct 2014 01:07:01
Published 21 Feb 2008 02:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0879

Summary

SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.

Vulnerable Systems

Application

  • Phpnuke Web Links Module


References

BID - 27894

BUGTRAQ - 20080219 PHP-Nuke Module Web_Links SQL Injection(cid)

XF - weblinks-cid-sql-injection(40862)

SREASON - 3684

BID - 67463

MISC - http://packetstormsecurity.com/files/126697/PHP-Nuke-Web-Links-SQL-Injection.html


Last Updated: 27 May 2016 10:52:00