ID

VAR-200405-0059


CVE

CVE-2004-2000


TITLE

PHP-Nuke modules.php Module SQL Injection vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200405-040

DESCRIPTION

SQL injection vulnerability in the Downloads module in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the (1) orderby or (2) sid parameters to modules.php. Multiple SQL injection vulnerabilities have been identified in the 'modules.php' module of the application. These vulnerabilities may allow a remote attacker to manipulate query logic, potentially leading to unauthorized access to sensitive information. PHP-Nuke 7.2 and prior are reported to be prone to these issues. The Downloads module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. PHP-Nuke is a popular website creation and management tool that can use many database systems as a backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. The 'modules.php' module included in PHP-Nuke lacks adequate filtering of user-submitted input, and remote attackers can use this vulnerability to obtain sensitive user information. The 'modules.php' module does not filter the "orderby" and "sid" variables submitted by the user. Submitting malicious SQL commands as the values of these variables can change the original SQL logic and allow an attacker to obtain sensitive database information or change database information.

Trust: 1.53

sources: NVD: CVE-2004-2000 // BID: 10282 // BID: 27932 // VULHUB: VHN-10428

AFFECTED PRODUCTS

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.7

Trust: 0.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 7.0

Trust: 0.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 7.2

Trust: 0.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.0

Trust: 0.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.6

Trust: 0.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.5_rc3

Trust: 0.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.5

Trust: 0.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 7.1

Trust: 0.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.9

Trust: 0.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 7.0_final

Trust: 0.6

vendor: francisco, model: burzi php-nuke, scope: eq, version: 7.2

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 7.1

Trust: 0.3

vendor: francisco, model: burzi php-nuke final, scope: eq, version: 7.0

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 7.0

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.9

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.7

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.6

Trust: 0.3

vendor: francisco, model: burzi php-nuke rc3, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke rc2, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke rc1, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke final, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke beta, scope: eq, version: 6.51

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.0

Trust: 0.3

vendor: php nuke, model: downloads, scope: eq, version: 0

Trust: 0.3

sources: BID: 10282 // BID: 27932 // CNNVD: CNNVD-200405-040

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-2000
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200405-040
value: HIGH

Trust: 0.6

VULHUB: VHN-10428
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-2000
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-10428
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-10428 // CNNVD: CNNVD-200405-040 // NVD: CVE-2004-2000

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2000

THREAT TYPE

network

Trust: 0.6

sources: BID: 10282 // BID: 27932

TYPE

Input Validation Error

Trust: 0.6

sources: BID: 10282 // BID: 27932

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-10428

EXTERNAL IDS

db: BID, id: 27932

Trust: 2.0

db: BID, id: 10282

Trust: 2.0

db: NVD, id: CVE-2004-2000

Trust: 2.0

db: SECUNIA, id: 11553

Trust: 1.7

db: OSVDB, id: 52223

Trust: 1.7

db: CNNVD, id: CNNVD-200405-040

Trust: 0.7

db: BUGTRAQ, id: 20080221 PHP-NUKE MODULE DOWNLOADS SQL INJECTION(SID)

Trust: 0.6

db: BUGTRAQ, id: 20040505 [WARAXE-2004-SA#027 - ONCE AGAIN - CRITICAL VULNERABILITIES IN PHPNUKE 6.X - 7.2]

Trust: 0.6

db: XF, id: 16074

Trust: 0.6

db: SEEBUG, id: SSVID-84619

Trust: 0.1

db: EXPLOIT-DB, id: 31283

Trust: 0.1

db: VULHUB, id: VHN-10428

Trust: 0.1

sources: VULHUB: VHN-10428 // BID: 10282 // BID: 27932 // CNNVD: CNNVD-200405-040 // NVD: CVE-2004-2000

REFERENCES

url:http://www.securityfocus.com/bid/10282

Trust: 1.7

url:http://www.securityfocus.com/bid/27932

Trust: 1.7

url:http://osvdb.org/52223

Trust: 1.7

url:http://secunia.com/advisories/11553

Trust: 1.7

url:http://www.waraxe.us/index.php?modname=sa&id=27

Trust: 1.6

url:http://www.securityfocus.com/archive/1/488452/100/0/threaded

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16074

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=108378804809891&w=2

Trust: 1.0

url:http://xforce.iss.net/xforce/xfdb/16074

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=108378804809891&w=2

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/488452/100/0/threaded

Trust: 0.6

url:/archive/1/362266

Trust: 0.3

url:http://www.phpnuke.org

Trust: 0.3

url:/archive/1/488452

Trust: 0.3

url:http://marc.info/?l=bugtraq&m=108378804809891&w=2

Trust: 0.1

url:http://www.waraxe.us/index.php?modname=sa&id=27

Trust: 0.1

sources: VULHUB: VHN-10428 // BID: 10282 // BID: 27932 // CNNVD: CNNVD-200405-040 // NVD: CVE-2004-2000

CREDITS

Janek Vind <come2waraxe@yahoo.com>

Trust: 0.6

sources: CNNVD: CNNVD-200405-040

SOURCES

db: VULHUB, id: VHN-10428
db: BID, id: 10282
db: BID, id: 27932
db: CNNVD, id: CNNVD-200405-040
db: NVD, id: CVE-2004-2000

LAST UPDATE DATE

2024-08-14T14:42:21.325000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-10428, date: 2018-10-19T00:00:00
db: BID, id: 10282, date: 2004-05-05T00:00:00
db: BID, id: 27932, date: 2015-05-07T17:32:00
db: CNNVD, id: CNNVD-200405-040, date: 2009-09-19T00:00:00
db: NVD, id: CVE-2004-2000, date: 2018-10-19T15:30:51.243

SOURCES RELEASE DATE

db: VULHUB, id: VHN-10428, date: 2004-05-05T00:00:00
db: BID, id: 10282, date: 2004-05-05T00:00:00
db: BID, id: 27932, date: 2008-02-21T00:00:00
db: CNNVD, id: CNNVD-200405-040, date: 2004-05-05T00:00:00
db: NVD, id: CVE-2004-2000, date: 2004-05-05T04:00:00