PHP-Nuke Search Module 'sid' Parameter SQL Injection Vulnerability

Bugtraq ID: 27408
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Jan 22 2008 12:00AM
Updated: Jan 23 2008 09:58PM
Credit: Foster & 1dt.w0lf are credited with the discovery of this vulnerability.
Vulnerable: Francisco Burzi PHP-Nuke 7.9
Francisco Burzi PHP-Nuke 7.9
Francisco Burzi PHP-Nuke 7.8
Francisco Burzi PHP-Nuke 7.7
Francisco Burzi PHP-Nuke 7.6
Francisco Burzi PHP-Nuke 7.3
Francisco Burzi PHP-Nuke 7.3
Francisco Burzi PHP-Nuke 7.2
Francisco Burzi PHP-Nuke 7.1
Francisco Burzi PHP-Nuke 7.0 FINAL
Francisco Burzi PHP-Nuke 7.0
Francisco Burzi PHP-Nuke 6.9
Francisco Burzi PHP-Nuke 6.7
Francisco Burzi PHP-Nuke 6.6
Francisco Burzi PHP-Nuke 6.5 RC3
Francisco Burzi PHP-Nuke 6.5 RC2
Francisco Burzi PHP-Nuke 6.5 RC1
Francisco Burzi PHP-Nuke 6.5 FINAL
Francisco Burzi PHP-Nuke 6.5 BETA 1
Francisco Burzi PHP-Nuke 6.5
Francisco Burzi PHP-Nuke 6.0
Francisco Burzi PHP-Nuke 5.6
Francisco Burzi PHP-Nuke 5.5
Francisco Burzi PHP-Nuke 5.4
Francisco Burzi PHP-Nuke 5.3.1
Francisco Burzi PHP-Nuke 5.2 a
Francisco Burzi PHP-Nuke 5.2
Francisco Burzi PHP-Nuke 5.1
Francisco Burzi PHP-Nuke 5.0.1
Francisco Burzi PHP-Nuke 5.0
Francisco Burzi PHP-Nuke 4.4.1 a
Francisco Burzi PHP-Nuke 4.4
Francisco Burzi PHP-Nuke 4.3
Francisco Burzi PHP-Nuke 4.0
Francisco Burzi PHP-Nuke 3.0
- Linux kernel 2.2
Francisco Burzi PHP-Nuke 2.5
Francisco Burzi PHP-Nuke 1.0
Francisco Burzi PHP-Nuke 0.726 -3
Francisco Burzi PHP-Nuke 0.75 -RC3
Francisco Burzi PHP-Nuke 8.0 Final
Francisco Burzi PHP-Nuke 8.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus