CVE-2005-1694

Multiple SQL injection vulnerabilities in Xanthia.php in the Xanthia module in PostNuke 0.750 allow remote attackers to execute arbitrary SQL commands via the (1) name or (2) module parameter.

Published: May 24, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-1694
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
postnuke_software_foundation / postnuke	0.750	0.750.x

http://marc.info/?l=bugtraq&m=111670823128472&w=2
http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2691

Vulnerability Database

289,697

CVE-2005-1694