Vulnerability Details CVE-2002-2032
sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.4%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2002-2032
-
cpe:2.3:a:francisco_burzi:php-nuke:1.0
-
cpe:2.3:a:francisco_burzi:php-nuke:2.5
-
cpe:2.3:a:francisco_burzi:php-nuke:3.0
-
cpe:2.3:a:francisco_burzi:php-nuke:4.0
-
cpe:2.3:a:francisco_burzi:php-nuke:4.3
-
cpe:2.3:a:francisco_burzi:php-nuke:4.4
-
cpe:2.3:a:francisco_burzi:php-nuke:4.4.1a
-
cpe:2.3:a:francisco_burzi:php-nuke:5.0
-
cpe:2.3:a:francisco_burzi:php-nuke:5.0.1
-
cpe:2.3:a:francisco_burzi:php-nuke:5.1
-
cpe:2.3:a:francisco_burzi:php-nuke:5.2
-
cpe:2.3:a:francisco_burzi:php-nuke:5.2a
-
cpe:2.3:a:francisco_burzi:php-nuke:5.3.1
-
cpe:2.3:a:francisco_burzi:php-nuke:5.4