FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Several vulnerabilities found in PHPNuke

Affected packages
phpnuke < 7.3

Details

VuXML ID 33ab4a47-bfc1-11d8-b00e-000347a4fa7d
Discovery 2004-05-05
Entry 2004-07-03
Modified 2004-09-28

Janek Vind "waraxe" reports that several issues in the PHPNuke software may be exploited via carefully crafted URL requests. These URLs will permit the injection of SQL code, cookie theft, and the readability of the PHPNuke administrator account.

References

CVE Name CVE-2003-0279
CVE Name CVE-2003-0318
CVE Name CVE-2004-0266
CVE Name CVE-2004-0269
URL http://secunia.com/advisories/11920
URL http://www.waraxe.us/index.php?modname=sa&id=27

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.