CVE-2006-3599

Name of the Vulnerable Software and Affected Versions PHP-Nuke Nuke Advanced Classifieds module (affected versions not specified)

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the id ads parameter in an EditAds operation.

Recommendations For the affected version, consider restricting access to the EditAds operation until a patch is available. As a temporary workaround, avoid using the id ads parameter in the affected module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.