CVE-2008-6728

SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.

Published: Apr 20, 2009
Updated: Apr 13, 2023
CVE: CVE-2008-6728
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
phpnuke / php-nuke	5.6	5.6.x
phpnuke / php-nuke	7.3	7.3.x
phpnuke / php-nuke	7.4	7.4.x
phpnuke / php-nuke	7.1	7.1.x
phpnuke / php-nuke	5.0.1	5.0.1.x
phpnuke / php-nuke	5.5	5.5.x
phpnuke / php-nuke	5.3	5.3.x
phpnuke / php-nuke	6.9	6.9.x
phpnuke / php-nuke	5.3.1	5.3.1.x
phpnuke / php-nuke	5.0	5.0.x
phpnuke / php-nuke	-	7.9.x
phpnuke / php-nuke	6.8	6.8.x
phpnuke / php-nuke	6.6	6.6.x
phpnuke / php-nuke	7.5	7.5.x
phpnuke / php-nuke	7.2	7.2.x
phpnuke / php-nuke	7.7	7.7.x
phpnuke / php-nuke	5.2	5.2.x
phpnuke / php-nuke	7.8	7.8.x
phpnuke / php-nuke	6.0	6.0.x
phpnuke / php-nuke	6.7	6.7.x
phpnuke / php-nuke	7.0	7.0.x
phpnuke / php-nuke	6.5	6.5.x
phpnuke / php-nuke	5.1	5.1.x
phpnuke / php-nuke	7.6	7.6.x
phpnuke / php-nuke	5.4	5.4.x

Vulnerability Database

289,599

CVE-2008-6728