Vulnerability Description
Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Francisco Burzi | Php-Nuke | 5.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2003-05/0147.html
- http://marc.info/?l=bugtraq&m=105276019312980&w=2
- http://www.securityfocus.com/bid/7558
- http://www.securityfocus.com/bid/7588
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11984
- http://archives.neohapsis.com/archives/bugtraq/2003-05/0147.html
- http://marc.info/?l=bugtraq&m=105276019312980&w=2
- http://www.securityfocus.com/bid/7558
- http://www.securityfocus.com/bid/7588
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11984
FAQ
What is CVE-2003-0279?
CVE-2003-0279 is a vulnerability with a CVSS score of 2.6 (LOW). Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the vie...
How severe is CVE-2003-0279?
CVE-2003-0279 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0279?
Check the references section above for vendor advisories and patch information. Affected products include: Francisco Burzi Php-Nuke.