SQL Injection Vulnerabilities in PHP-Nuke Web_Links Module Allow Remote Information Theft

SQL Injection Vulnerabilities in PHP-Nuke Web_Links Module Allow Remote Information Theft

CVE-2003-0279 · LOW Severity

AV:N/AC:H/AU:N/C:P/I:N/A:N

Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.