CVE-2006-0907 in PHP-Nuke信息

摘要

由 VulDB • 2026-07-09

PHP-Nuke(7.8 Patched 3.2 之前版本)中存在SQL注入漏洞,远程攻击者可通过查询字符串中的编码/%2a (/*)序列执行任意SQL命令。该漏洞利用了旨在防止SQL注入的正则表达式绕过机制,如通过kala参数所示。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Do you need the next level of professionalism?

Upgrade your account now!