Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-1460

4 documents4 sources
Severity
7.5HIGH
EPSS
3.3%
top 12.73%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Postnuke Software Foundation Postnuke
Timeline
PublishedOct 13
Latest updateApr 30

Description

SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

Patches

Patch: archives.neohapsis.comPatch: www.securityfocus.comPatch: archives.neohapsis.com

🔴Vulnerability Details

2
GHSA
GHSA-hp48-5ppw-8mm6: SQL injection vulnerability in article2022-04-30
CVEList
CVE-2001-1460: SQL injection vulnerability in article2005-04-21

💥Exploits & PoCs

1
Exploit-DB
PostNuke 0.6 - User Login2001-10-13
CVE-2001-1460 (HIGH CVSS 7.5) | SQL injection vulnerability in arti | cvebase.io