CVE-2003-1210 in PHP-Nukeinfo

Summary

Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to the getit function or the (2) min parameter to the search function.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

05/19/2005

Disclosure

12/31/2003

Moderation

VulDB entry created

Entries

VDB-21148 (1)

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.00035

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-1210
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-1210
CVE Details	https://www.cvedetails.com/cve/CVE-2003-1210/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!