CVE-2003-0279

Sažetak

Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php.

Reference

http://archives.neohapsis.com/archives/bugtraq/2003-05/0147.html
http://marc.info/?l=bugtraq&m=105276019312980&w=2
http://www.securityfocus.com/bid/7558
http://www.securityfocus.com/bid/7588
https://exchange.xforce.ibmcloud.com/vulnerabilities/11984

CVSS

Base:	2.6
Impact:	2.9
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-07-2017 - 01:29

Objavljeno

16-06-2003 - 04:00