Details of VAR-200512-0910

ID

VAR-200512-0910

CVE

CVE-2005-4715

TITLE

PHP-Nuke modules.php Multiple SQL Injection vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200512-783

DESCRIPTION

Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) sid, and (3) pid parameters in a POST request, which bypasses security checks that are performed for GET requests. PHP-Nuke is prone to a sql-injection vulnerability. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. There are multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8. When magic_quotes_gpc is disabled, a remote attacker can execute arbitrary SQL commands. Such requests bypass the security checks performed for GET requests. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: PHP-Nuke SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA16801 VERIFY ADVISORY: http://secunia.com/advisories/16801/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: >From remote SOFTWARE: PHP-Nuke 7.x http://secunia.com/product/2385/ DESCRIPTION: Robin Verton has discovered some vulnerabilities in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities have been confirmed in version 7.7. Version 7.8 and prior are reportedly also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Robin Verton ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.44

sources: NVD: CVE-2005-4715 // BID: 86927 // VULHUB: VHN-15923 // VULMON: CVE-2005-4715 // PACKETSTORM: 40022

AFFECTED PRODUCTS

vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.8	Trust: 1.6
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	7.8	Trust: 0.3

sources: BID: 86927 // CNNVD: CNNVD-200512-783 // NVD: CVE-2005-4715

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2005-4715
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200512-783
value:	HIGH
Trust: 0.6
VULHUB:	VHN-15923
value:	HIGH
Trust: 0.1
VULMON:	CVE-2005-4715
value:	HIGH
Trust: 0.1

NVD:
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	TRUE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
VULHUB:	VHN-15923
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1
VULMON:	CVE-2005-4715
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-15923 // VULMON: CVE-2005-4715 // CNNVD: CNNVD-200512-783 // NVD: CVE-2005-4715

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-4715

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200512-783

TYPE

sql injection

Trust: 0.7

sources: PACKETSTORM: 40022 // CNNVD: CNNVD-200512-783

CONFIGURATIONS

sources: NVD: CVE-2005-4715

EXTERNAL IDS

db:	SREASON	id:	3	Trust: 2.1
db:	NVD	id:	CVE-2005-4715	Trust: 2.1
db:	SECUNIA	id:	16801	Trust: 1.9
db:	OSVDB	id:	19351	Trust: 1.8
db:	CNNVD	id:	CNNVD-200512-783	Trust: 0.7
db:	BUGTRAQ	id:	20050913 RE: PHP NUKE <= 7.8 MULTIPLE SQL INJECTIONS	Trust: 0.6
db:	BUGTRAQ	id:	20050916 RE: PHP NUKE <= 7.8 MULTIPLE SQL INJECTIONS	Trust: 0.6
db:	BUGTRAQ	id:	20050912 PHP NUKE <= 7.8 MULTIPLE SQL INJECTIONS	Trust: 0.6
db:	BUGTRAQ	id:	20050914 RE: PHP NUKE <= 7.8 MULTIPLE SQL INJECTIONS	Trust: 0.6
db:	XF	id:	22247	Trust: 0.6
db:	BID	id:	86927	Trust: 0.4
db:	VULHUB	id:	VHN-15923	Trust: 0.1
db:	VULMON	id:	CVE-2005-4715	Trust: 0.1
db:	PACKETSTORM	id:	40022	Trust: 0.1

sources: VULHUB: VHN-15923 // VULMON: CVE-2005-4715 // BID: 86927 // PACKETSTORM: 40022 // CNNVD: CNNVD-200512-783 // NVD: CVE-2005-4715

REFERENCES

url:	http://archives.neohapsis.com/archives/bugtraq/2005-09/0119.html	Trust: 2.1
url:	http://archives.neohapsis.com/archives/bugtraq/2005-09/0176.html	Trust: 2.1
url:	http://archives.neohapsis.com/archives/bugtraq/2005-09/0167.html	Trust: 2.1
url:	http://archives.neohapsis.com/archives/bugtraq/2005-09/0226.html	Trust: 2.1
url:	http://www.nukefixes.com/ftopict-1779-.html#7641	Trust: 2.1
url:	http://securityreason.com/securityalert/3	Trust: 2.1
url:	http://phpnuke.org/modules.php?name=news&file=article&sid=7434	Trust: 2.0
url:	http://www.osvdb.org/19351	Trust: 1.8
url:	http://secunia.com/advisories/16801	Trust: 1.8
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/22247	Trust: 1.2
url:	http://xforce.iss.net/xforce/xfdb/22247	Trust: 0.6
url:	http://phpnuke.org/modules.php?name=news&file=article&sid=7434	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/product/2385/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/16801/	Trust: 0.1

sources: VULHUB: VHN-15923 // VULMON: CVE-2005-4715 // BID: 86927 // PACKETSTORM: 40022 // CNNVD: CNNVD-200512-783 // NVD: CVE-2005-4715

CREDITS

Unknown

Trust: 0.3

sources: BID: 86927

SOURCES

db:	VULHUB	id:	VHN-15923
db:	VULMON	id:	CVE-2005-4715
db:	BID	id:	86927
db:	PACKETSTORM	id:	40022
db:	CNNVD	id:	CNNVD-200512-783
db:	NVD	id:	CVE-2005-4715

LAST UPDATE DATE

2024-02-13T23:05:10.655000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-15923	date:	2017-07-20T00:00:00
db:	VULMON	id:	CVE-2005-4715	date:	2017-07-20T00:00:00
db:	BID	id:	86927	date:	2005-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200512-783	date:	2006-02-14T00:00:00
db:	NVD	id:	CVE-2005-4715	date:	2017-07-20T01:29:23.550

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-15923	date:	2005-12-31T00:00:00
db:	VULMON	id:	CVE-2005-4715	date:	2005-12-31T00:00:00
db:	BID	id:	86927	date:	2005-12-31T00:00:00
db:	PACKETSTORM	id:	40022	date:	2005-09-14T06:31:57
db:	CNNVD	id:	CNNVD-200512-783	date:	2005-12-31T00:00:00
db:	NVD	id:	CVE-2005-4715	date:	2005-12-31T05:00:00