CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-0908

PHP-Nuke 7.8 Patched 3.2 allows remote attackers to bypass SQL injection protection mechanisms via /%2a (/*) sequences with the "ad_click" word in the query string, as demonstrated via the kala parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://securityreason.com/securityalert/497
http://www.securityfocus.com/archive/1/426083/100/0/threaded
http://www.waraxe.us/advisory-47.html
http://securityreason.com/securityalert/497
http://www.securityfocus.com/archive/1/426083/100/0/threaded
http://www.waraxe.us/advisory-47.html

Products affected by CVE-2006-0908

Francisco Burzi » Php-Nuke » Version: 7.8_patched_3.2

cpe:2.3:a:francisco_burzi:php-nuke:7.8_patched_3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-0908

Products

Pricing

Contact Us