SQL Injection and Cross-Site Scripting (XSS) Vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9
CVE-2004-2354 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
Learn more about our Cis Benchmark Audit For Oracle Mysql.