Vulnerability Details CVE-2001-1460
SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.04
EPSS Ranking 87.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0088.html
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0091.html
- http://www.kb.cert.org/vuls/id/921547
- http://www.securityfocus.com/bid/3435
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7280
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0088.html
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0091.html
- http://www.kb.cert.org/vuls/id/921547
- http://www.securityfocus.com/bid/3435
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7280
Products affected by CVE-2001-1460
-
cpe:2.3:a:postnuke_software_foundation:postnuke:0.62
-
cpe:2.3:a:postnuke_software_foundation:postnuke:0.63
-
cpe:2.3:a:postnuke_software_foundation:postnuke:0.64