CVE-2005-1694

3 documents3 sources

Severity

7.5HIGH

EPSS

0.4%

top 37.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Postnuke Software Foundation Postnuke

Timeline

PublishedMay 24

Latest updateMay 1

Description

Multiple SQL injection vulnerabilities in Xanthia.php in the Xanthia module in PostNuke 0.750 allow remote attackers to execute arbitrary SQL commands via the (1) name or (2) module parameter.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDpostnuke_software_foundation/postnuke0.750

Patches

Patch: news.postnuke.com ↗Patch: news.postnuke.com ↗

🔴Vulnerability Details

GHSA

GHSA-8rx2-88mj-wm3w: Multiple SQL injection vulnerabilities in Xanthia↗2022-05-01

▶

CVEList

CVE-2005-1694: Multiple SQL injection vulnerabilities in Xanthia↗2005-05-24

▶