CVE-2007-0309

Name of the Vulnerable Software and Affected Versions: PHP-Nuke versions 7.9 and earlier

Description: The issue allows remote attackers to execute arbitrary SQL commands. This is possible when register globals is enabled and magic quotes gpc is disabled. The cat parameter is used for this purpose.

Recommendations: For PHP-Nuke versions 7.9 and earlier, consider disabling the register globals setting and enabling magic quotes gpc to prevent exploitation. Additionally, restrict access to the blocks/block-Old Articles.php file until a fix is available. Avoid using the cat parameter in the affected endpoint until the issue is resolved.