1. CVE-Search
  2. CVE-2004-2008
ID CVE-2004-2008
Summary SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:adam_webb:nukejokes:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:adam_webb:nukejokes:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:adam_webb:nukejokes:2.0_beta:*:*:*:*:*:*:*
    cpe:2.3:a:adam_webb:nukejokes:2.0_beta:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 11-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 10306
bugtraq 20040508 [waraxe-2004-SA#028 - Multiple vulnerabilities in NukeJokes module for PhpNuke]
misc http://www.waraxe.us/index.php?modname=sa&id=28
secunia 11579
xf nukejokes-sql-injection(16099)
Last major update 11-07-2017 - 01:31
Published 08-05-2004 - 04:00
Last modified 11-07-2017 - 01:31
Back to Top