CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-1210

Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to the getit function or the (2) min parameter to the search function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.1%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2003-1210

Francisco Burzi » Php-Nuke » Version: Any

cpe:2.3:a:francisco_burzi:php-nuke:*
Francisco Burzi » Php-Nuke » Version: 6.5_beta1

cpe:2.3:a:francisco_burzi:php-nuke:6.5_beta1
Francisco Burzi » Php-Nuke » Version: 6.5_final

cpe:2.3:a:francisco_burzi:php-nuke:6.5_final
Francisco Burzi » Php-Nuke » Version: 6.5_rc1

cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc1
Francisco Burzi » Php-Nuke » Version: 6.5_rc2

cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc2
Francisco Burzi » Php-Nuke » Version: 6.5_rc3

cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-1210

Products

Pricing

Contact Us