CVE-2006-0801

Name of the Vulnerable Software and Affected Versions PostNuke versions 0.761 and earlier

Description A SQL injection issue exists in the NS-Languages module for PostNuke, allowing remote attackers to execute arbitrary SQL commands when the magic quotes gpc setting is disabled. This is achieved by manipulating the language parameter in the admin.php endpoint.

Recommendations For PostNuke versions 0.761 and earlier, consider disabling the NS-Languages module until a patch is available, or ensure that the magic quotes gpc setting is enabled to mitigate the risk of SQL injection attacks.