ID
VAR-200511-0302
CVE
CVE-2005-3792
TITLE
PHPNuke Search Module SQL Injection Vulnerability
Trust: 0.9
DESCRIPTION
Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type. PHPNuke is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. phpnuke is an open source website building program. TITLE: PHP-Nuke "query" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA17543 VERIFY ADVISORY: http://secunia.com/advisories/17543/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: >From remote SOFTWARE: PHP-Nuke 7.x http://secunia.com/product/2385/ DESCRIPTION: sp3x has discovered a vulnerability in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability has been confirmed in version 7.8. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: sp3x ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
Trust: 1.35
AFFECTED PRODUCTS
| vendor: | francisco burzi | model: | php-nuke | scope: | eq | version: | 7.3 | Trust: 1.6 |
| vendor: | francisco burzi | model: | php-nuke | scope: | eq | version: | 7.7 | Trust: 1.6 |
| vendor: | francisco burzi | model: | php-nuke | scope: | eq | version: | 7.8 | Trust: 1.6 |
| vendor: | francisco burzi | model: | php-nuke | scope: | eq | version: | 7.6 | Trust: 1.6 |
| vendor: | francisco burzi | model: | php-nuke | scope: | eq | version: | 7.1 | Trust: 1.6 |
| vendor: | francisco burzi | model: | php-nuke | scope: | eq | version: | 7.0_final | Trust: 1.6 |
| vendor: | francisco burzi | model: | php-nuke | scope: | eq | version: | 7.2 | Trust: 1.6 |
| vendor: | francisco | model: | burzi php-nuke final | scope: | eq | version: | 7.0 | Trust: 0.3 |
| vendor: | francisco | model: | burzi php-nuke | scope: | eq | version: | 7.1 | Trust: 0.3 |
| vendor: | francisco | model: | burzi php-nuke | scope: | eq | version: | 7.2 | Trust: 0.3 |
| vendor: | francisco | model: | burzi php-nuke | scope: | eq | version: | 7.6 | Trust: 0.3 |
| vendor: | francisco | model: | burzi php-nuke | scope: | eq | version: | 7.7 | Trust: 0.3 |
| vendor: | francisco | model: | burzi php-nuke | scope: | eq | version: | 7.3 | Trust: 0.3 |
| vendor: | francisco | model: | burzi php-nuke | scope: | eq | version: | 7.8 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-Other | Trust: 1.0 |
THREAT TYPE
remote
Trust: 0.6
TYPE
SQL injection
Trust: 0.6
CONFIGURATIONS
EXPLOIT AVAILABILITY
EXTERNAL IDS
| db: | BID | id: | 15421 | Trust: 2.0 |
| db: | SECUNIA | id: | 17543 | Trust: 1.8 |
| db: | SECTRACK | id: | 1015215 | Trust: 1.7 |
| db: | SECTRACK | id: | 1015651 | Trust: 1.7 |
| db: | VUPEN | id: | ADV-2005-2446 | Trust: 1.7 |
| db: | OSVDB | id: | 20866 | Trust: 1.7 |
| db: | NVD | id: | CVE-2005-3792 | Trust: 1.7 |
| db: | CNNVD | id: | CNNVD-200511-378 | Trust: 0.7 |
| db: | XF | id: | 23079 | Trust: 0.6 |
| db: | BUGTRAQ | id: | 20060221 RE: [WARAXE-2006-SA#046] - CRITICAL SQL INJECTION IN PHPNUKE 7.5-7.8 | Trust: 0.6 |
| db: | BUGTRAQ | id: | 20051115 CRITICAL SQL INJECTION PHPNUKE <= 7.8 | Trust: 0.6 |
| db: | BUGTRAQ | id: | 20060219 [WARAXE-2006-SA#046] - CRITICAL SQL INJECTION IN PHPNUKE 7.5-7.8 | Trust: 0.6 |
| db: | FULLDISC | id: | 20051115 CRITICAL SQL INJECTION PHPNUKE <= 7.8 | Trust: 0.6 |
| db: | SEEBUG | id: | SSVID-63291 | Trust: 0.1 |
| db: | EXPLOIT-DB | id: | 1326 | Trust: 0.1 |
| db: | VULHUB | id: | VHN-15000 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 41588 | Trust: 0.1 |
REFERENCES
| url: | http://secunia.com/advisories/17543/ | Trust: 1.8 |
| url: | http://www.securityfocus.com/bid/15421 | Trust: 1.7 |
| url: | http://www.securityfocus.com/archive/1/425627/100/0/threaded | Trust: 1.7 |
| url: | http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0454.html | Trust: 1.7 |
| url: | http://securityreason.com/achievement_exploitalert/5 | Trust: 1.7 |
| url: | http://www.waraxe.us/advisory-46.html | Trust: 1.7 |
| url: | http://www.osvdb.org/20866 | Trust: 1.7 |
| url: | http://securitytracker.com/id?1015215 | Trust: 1.7 |
| url: | http://securitytracker.com/id?1015651 | Trust: 1.7 |
| url: | http://www.securityfocus.com/archive/1/425508/100/0/threaded | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2005/2446 | Trust: 1.1 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/23079 | Trust: 1.1 |
| url: | http://marc.info/?l=bugtraq&m=113210758511323&w=2 | Trust: 1.0 |
| url: | http://xforce.iss.net/xforce/xfdb/23079 | Trust: 0.6 |
| url: | http://marc.theaimsgroup.com/?l=bugtraq&m=113210758511323&w=2 | Trust: 0.6 |
| url: | http://www.securityfocus.com/archive/1/archive/1/425508/100/0/threaded | Trust: 0.6 |
| url: | http://www.frsirt.com/english/advisories/2005/2446 | Trust: 0.6 |
| url: | http://www.irannuke.com/ | Trust: 0.3 |
| url: | /archive/1/416748 | Trust: 0.3 |
| url: | http://marc.info/?l=bugtraq&m=113210758511323&w=2 | Trust: 0.1 |
| url: | http://secunia.com/secunia_security_advisories/ | Trust: 0.1 |
| url: | http://secunia.com/product/2385/ | Trust: 0.1 |
| url: | http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org | Trust: 0.1 |
| url: | http://secunia.com/about_secunia_advisories/ | Trust: 0.1 |
CREDITS
sp3x@securityreason.com is credited with the discovery of this vulnerability.
Trust: 0.9
SOURCES
| db: | VULHUB | id: | VHN-15000 |
| db: | BID | id: | 15421 |
| db: | PACKETSTORM | id: | 41588 |
| db: | NVD | id: | CVE-2005-3792 |
| db: | CNNVD | id: | CNNVD-200511-378 |
LAST UPDATE DATE
2023-12-18T13:05:22.657000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-15000 | date: | 2018-10-19T00:00:00 |
| db: | BID | id: | 15421 | date: | 2006-05-16T22:24:00 |
| db: | NVD | id: | CVE-2005-3792 | date: | 2018-10-19T15:39:10.200 |
| db: | CNNVD | id: | CNNVD-200511-378 | date: | 2005-11-28T00:00:00 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-15000 | date: | 2005-11-24T00:00:00 |
| db: | BID | id: | 15421 | date: | 2005-11-15T00:00:00 |
| db: | PACKETSTORM | id: | 41588 | date: | 2005-11-19T21:56:12 |
| db: | NVD | id: | CVE-2005-3792 | date: | 2005-11-24T11:03:00 |
| db: | CNNVD | id: | CNNVD-200511-378 | date: | 2005-11-24T00:00:00 |