CVE-2008-1539

Name of the Vulnerable Software and Affected Versions PHP-Nuke Platinum version 7.6.b.5

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the p parameter to modules.php for the Forums module, specifically targeting the includes/dynamic titles.php file.

Recommendations For PHP-Nuke Platinum version 7.6.b.5, consider restricting access to the modules.php endpoint for the Forums module until a patch is available. As a temporary workaround, avoid using the p parameter in the affected API endpoint to minimize the risk of exploitation.