cbcvebase.
CVE-2005-0996
published 2005-05-02

CVE-2005-0996: Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the email…

PriorityP419medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
1.01%
58.7th percentile
Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min parameter in the search function.

Affected

1 ranges
VendorProductVersion rangeFixed in
francisco_burziphp-nuke
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.