CVE-2004-1929 in PHP-Nukeinfo

Summary

SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 allows remote attackers to bypass authentication and gain access by injecting base64-encoded SQL code into the user parameter.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

05/04/2005

Disclosure

04/13/2004

Moderation

VulDB entry created

Entries

VDB-21737 (1)

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.00108

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-1929
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1929
CVE Details	https://www.cvedetails.com/cve/CVE-2004-1929/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!