CVE-2010-5083 – PHP-Nuke 8.x - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-5083
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php. Vulnerabilidad de inyección de comandos SQL en el módulo Web_Links para PHP-Nuke v8.0, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro url en una acción Add en modules.php • https://www.exploit-db.com/exploits/14589 http://www.exploit-db.com/exploits/14589 http://www.itsecteam.com/en/vulnerabilities/vulnerability58.htm https://exchange.xforce.ibmcloud.com/vulnerabilities/61012 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0879 – PHP-Nuke Web_Links Module - 'cid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0879
SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action. Vulnerabilidad de inyección SQL en modules.php del módulo Web_Links para PHP-Nuke permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cid en una acción viewlink. • https://www.exploit-db.com/exploits/31252 http://packetstormsecurity.com/files/126697/PHP-Nuke-Web-Links-SQL-Injection.html http://securityreason.com/securityalert/3684 http://www.securityfocus.com/archive/1/488356/100/0/threaded http://www.securityfocus.com/bid/27894 http://www.securityfocus.com/bid/67463 https://exchange.xforce.ibmcloud.com/vulnerabilities/40862 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •