Onkel_Fisch

Researcher fromit-security23.net
#13183of 53,635
20Total CVSS
Vulnerabilities · 3
Medium
1
High
2
PT-2005-5380
7.5
2005-12-31
Php · Php-Nuke · CVE-2005-4715
**Name of the Vulnerable Software and Affected Versions** PHP-Nuke version 7.8 **Description** The issue allows remote attackers to execute arbitrary SQL commands due to multiple SQL injection vulnerabilities in the modules.php file when magic quotes gpc is disabled. This is achieved by exploiting the `name`, `sid`, and `pid` parameters in a POST request, which bypasses the security checks performed for GET requests. **Recommendations** For PHP-Nuke version 7.8, consider disabling the modules.php file or restricting access to it until a patch is available. As a temporary workaround, enable magic quotes gpc to prevent SQL injection attacks via the `name`, `sid`, and `pid` parameters in POST requests. Restrict input for these parameters to minimize the risk of exploitation.
PT-2005-3758
7.5
2005-09-14
Web//News · Web//News · CVE-2005-2896
**Name of the Vulnerable Software and Affected Versions** WEB//NEWS version 1.4 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via several parameters, including the `wn userpw` parameter to "startup.php", `cat`, `id`, or `stof` parameters to "news.php", or the `id` parameter to "print.php". **Recommendations** For WEB//NEWS version 1.4, consider restricting access to the affected parameters, such as `wn userpw`, `cat`, `id`, `stof`, until a patch is available. As a temporary workaround, avoid using these parameters in the affected API endpoints.
PT-2005-3759
5.0
2005-09-14
Web//News · Web//News · CVE-2005-2897
**Name of the Vulnerable Software and Affected Versions** WEB//NEWS version 1.4 **Description** The issue allows remote attackers to obtain sensitive information via a direct request to files in the actions directory. This is possible because the error messages from these files reveal the path. For example, this can be demonstrated by accessing the "cat.add.php" file. **Recommendations** For WEB//NEWS version 1.4, consider restricting access to the actions directory to prevent remote attackers from obtaining sensitive information. As a temporary workaround, modify the error handling to prevent the disclosure of sensitive path information.