CVE-2008-3512

Name of the Vulnerable Software and Affected Versions PHP-Nuke (affected versions not specified)

Description A SQL injection issue exists in the Kleinanzeigen module for PHP-Nuke, allowing remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the lid parameter in a visit action to the "modules.php" endpoint.

Recommendations For PHP-Nuke, consider restricting access to the Kleinanzeigen module until a fix is available. As a temporary workaround, avoid using the lid parameter in the affected "modules.php" endpoint to minimize the risk of exploitation.