Total vulnerabilities in the database
SQL injection vulnerability in the members_list module in PostNuke 0.726, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
| Software | From | Fixed in |
|---|---|---|
| postnuke_software_foundation / postnuke | 0.726 | 0.726.x |
| postnuke_software_foundation / postnuke | 0.722 | 0.722.x |
| postnuke_software_foundation / postnuke | 0.723 | 0.723.x |