var-200510-0068
Vulnerability from variot
Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module. PHPNuke is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. PHP-Nuke is a popular website creation and management tool, it can use many database software as backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. Remote attackers can insert malicious SQL statement strings into the input data to operate the database without authorization.
TITLE: PHP-Nuke SQL Injection Vulnerabilities
SECUNIA ADVISORY ID: SA17315
VERIFY ADVISORY: http://secunia.com/advisories/17315/
CRITICAL: Moderately critical
IMPACT: Manipulation of data
WHERE:
From remote
SOFTWARE: PHP-Nuke 7.x http://secunia.com/product/2385/
DESCRIPTION: rgod has discovered some vulnerabilities in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerabilities have been confirmed in version 7.8. Other versions may also be affected.
SOLUTION: Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY: rgod
ORIGINAL ADVISORY: http://rgod.altervista.org/phpnuke78sql.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200510-0068",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "php-nuke",
"scope": "eq",
"trust": 1.6,
"vendor": "francisco burzi",
"version": "7.8"
},
{
"model": "burzi php-nuke",
"scope": "eq",
"trust": 0.3,
"vendor": "francisco",
"version": "7.8"
}
],
"sources": [
{
"db": "BID",
"id": "15178"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-194"
},
{
"db": "NVD",
"id": "CVE-2005-3304"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "rgod is credited with the discovery of these vulnerabilities.",
"sources": [
{
"db": "BID",
"id": "15178"
}
],
"trust": 0.3
},
"cve": "CVE-2005-3304",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2005-3304",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-14513",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-3304",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200510-194",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-14513",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2005-3304",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14513"
},
{
"db": "VULMON",
"id": "CVE-2005-3304"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-194"
},
{
"db": "NVD",
"id": "CVE-2005-3304"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module. PHPNuke is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. \nSuccessful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. PHP-Nuke is a popular website creation and management tool, it can use many database software as backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. Remote attackers can insert malicious SQL statement strings into the input data to operate the database without authorization. \n\nTITLE:\nPHP-Nuke SQL Injection Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA17315\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17315/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nManipulation of data\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nPHP-Nuke 7.x\nhttp://secunia.com/product/2385/\n\nDESCRIPTION:\nrgod has discovered some vulnerabilities in PHP-Nuke, which can be\nexploited by malicious people to conduct SQL injection attacks. This can be exploited to manipulate SQL queries by\ninjecting arbitrary SQL code. \n\nThe vulnerabilities have been confirmed in version 7.8. Other\nversions may also be affected. \n\nSOLUTION:\nEdit the source code to ensure that input is properly sanitised. \n\nPROVIDED AND/OR DISCOVERED BY:\nrgod\n\nORIGINAL ADVISORY:\nhttp://rgod.altervista.org/phpnuke78sql.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3304"
},
{
"db": "BID",
"id": "15178"
},
{
"db": "VULHUB",
"id": "VHN-14513"
},
{
"db": "VULMON",
"id": "CVE-2005-3304"
},
{
"db": "PACKETSTORM",
"id": "40880"
}
],
"trust": 1.44
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-14513",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=32747",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14513"
},
{
"db": "VULMON",
"id": "CVE-2005-3304"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "15178",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "17315",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2005-2191",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "20293",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "20291",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "20292",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2005-3304",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-200510-194",
"trust": 0.7
},
{
"db": "XF",
"id": "22851",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051023 PHPNUKE 7.8 WITH ALL SECURITY FIXES/PATCHES \"YOUR_ACCOUNT\",",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "32747",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-86021",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-14513",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2005-3304",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "40880",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14513"
},
{
"db": "VULMON",
"id": "CVE-2005-3304"
},
{
"db": "BID",
"id": "15178"
},
{
"db": "PACKETSTORM",
"id": "40880"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-194"
},
{
"db": "NVD",
"id": "CVE-2005-3304"
}
]
},
"id": "VAR-200510-0068",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-14513"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:15:25.224000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3304"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://rgod.altervista.org/phpnuke78sql.html"
},
{
"trust": 1.9,
"url": "http://secunia.com/advisories/17315/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/15178"
},
{
"trust": 1.8,
"url": "http://www.osvdb.org/20291"
},
{
"trust": 1.8,
"url": "http://www.osvdb.org/20292"
},
{
"trust": 1.8,
"url": "http://www.osvdb.org/20293"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2005/2191"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
},
{
"trust": 1.2,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=113017049702436\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/22851"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2005/2191"
},
{
"trust": 0.3,
"url": "http://www.ncc.org.ve/php-nuke.php3?op=english"
},
{
"trust": 0.3,
"url": "http://www.irannuke.com/"
},
{
"trust": 0.3,
"url": "/archive/1/414329"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=113017049702436\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/32747/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2385/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14513"
},
{
"db": "VULMON",
"id": "CVE-2005-3304"
},
{
"db": "BID",
"id": "15178"
},
{
"db": "PACKETSTORM",
"id": "40880"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-194"
},
{
"db": "NVD",
"id": "CVE-2005-3304"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-14513"
},
{
"db": "VULMON",
"id": "CVE-2005-3304"
},
{
"db": "BID",
"id": "15178"
},
{
"db": "PACKETSTORM",
"id": "40880"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-194"
},
{
"db": "NVD",
"id": "CVE-2005-3304"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-10-26T00:00:00",
"db": "VULHUB",
"id": "VHN-14513"
},
{
"date": "2005-10-26T00:00:00",
"db": "VULMON",
"id": "CVE-2005-3304"
},
{
"date": "2005-10-24T00:00:00",
"db": "BID",
"id": "15178"
},
{
"date": "2005-10-25T18:06:56",
"db": "PACKETSTORM",
"id": "40880"
},
{
"date": "2005-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200510-194"
},
{
"date": "2005-10-26T01:02:00",
"db": "NVD",
"id": "CVE-2005-3304"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-14513"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULMON",
"id": "CVE-2005-3304"
},
{
"date": "2005-10-24T00:00:00",
"db": "BID",
"id": "15178"
},
{
"date": "2005-10-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200510-194"
},
{
"date": "2024-11-21T00:01:34.643000",
"db": "NVD",
"id": "CVE-2005-3304"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200510-194"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "PHP-Nuke Multiple modules remote SQL Injection vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200510-194"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "sql injection",
"sources": [
{
"db": "PACKETSTORM",
"id": "40880"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-194"
}
],
"trust": 0.7
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…