CVE-2004-2354
SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
| Software | From | Fixed in |
|---|---|---|
| francisco_burzi / php-nuke | 6.5_beta1 | 6.5_beta1.x |
| francisco_burzi / php-nuke | 6.5 | 6.5.x |
| warpspeed / 4nguestbook | 0.92 | 0.92.x |
| francisco_burzi / php-nuke | 6.5_rc2 | 6.5_rc2.x |
| francisco_burzi / php-nuke | 6.5_rc3 | 6.5_rc3.x |
| francisco_burzi / php-nuke | 6.5_final | 6.5_final.x |
| francisco_burzi / php-nuke | 6.7 | 6.7.x |
| francisco_burzi / php-nuke | 6.6 | 6.6.x |
| francisco_burzi / php-nuke | 6.9 | 6.9.x |
| francisco_burzi / php-nuke | 6.5_rc1 | 6.5_rc1.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime