CVE-2008-6779

Name of the Vulnerable Software and Affected Versions: PHP-Nuke (affected versions not specified)

Description: A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the id parameter in a "showcontent" action to the "modules.php" endpoint.

Recommendations: For PHP-Nuke, consider restricting access to the id parameter in the "showcontent" action to modules.php until a patch is available. As a temporary workaround, avoid using the id parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.