Details of VAR-200510-0068

ID

VAR-200510-0068

CVE

CVE-2005-3304

TITLE

PHP-Nuke Multiple modules remote SQL Injection vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200510-194

DESCRIPTION

Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module. PHPNuke is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. PHP-Nuke is a popular website creation and management tool, it can use many database software as backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. Remote attackers can insert malicious SQL statement strings into the input data to operate the database without authorization. TITLE: PHP-Nuke SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA17315 VERIFY ADVISORY: http://secunia.com/advisories/17315/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: >From remote SOFTWARE: PHP-Nuke 7.x http://secunia.com/product/2385/ DESCRIPTION: rgod has discovered some vulnerabilities in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities have been confirmed in version 7.8. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: rgod ORIGINAL ADVISORY: http://rgod.altervista.org/phpnuke78sql.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.44

sources: NVD: CVE-2005-3304 // BID: 15178 // VULHUB: VHN-14513 // VULMON: CVE-2005-3304 // PACKETSTORM: 40880

AFFECTED PRODUCTS

vendor:	francisco burzi	model:	php-nuke	scope:	eq	version:	7.8	Trust: 1.6
vendor:	francisco	model:	burzi php-nuke	scope:	eq	version:	7.8	Trust: 0.3

sources: BID: 15178 // CNNVD: CNNVD-200510-194 // NVD: CVE-2005-3304

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-3304
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200510-194
value:	HIGH
Trust: 0.6
VULHUB:	VHN-14513
value:	HIGH
Trust: 0.1
VULMON:	CVE-2005-3304
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-3304
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-14513
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-14513 // VULMON: CVE-2005-3304 // CNNVD: CNNVD-200510-194 // NVD: CVE-2005-3304

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3304

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200510-194

TYPE

sql injection

Trust: 0.7

sources: PACKETSTORM: 40880 // CNNVD: CNNVD-200510-194

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-14513 // VULMON: CVE-2005-3304

EXTERNAL IDS

db:	BID	id:	15178	Trust: 2.1
db:	SECUNIA	id:	17315	Trust: 1.9
db:	VUPEN	id:	ADV-2005-2191	Trust: 1.8
db:	OSVDB	id:	20293	Trust: 1.8
db:	OSVDB	id:	20291	Trust: 1.8
db:	OSVDB	id:	20292	Trust: 1.8
db:	NVD	id:	CVE-2005-3304	Trust: 1.8
db:	CNNVD	id:	CNNVD-200510-194	Trust: 0.7
db:	XF	id:	22851	Trust: 0.6
db:	BUGTRAQ	id:	20051023 PHPNUKE 7.8 WITH ALL SECURITY FIXES/PATCHES "YOUR_ACCOUNT",	Trust: 0.6
db:	EXPLOIT-DB	id:	32747	Trust: 0.2
db:	SEEBUG	id:	SSVID-86021	Trust: 0.1
db:	VULHUB	id:	VHN-14513	Trust: 0.1
db:	VULMON	id:	CVE-2005-3304	Trust: 0.1
db:	PACKETSTORM	id:	40880	Trust: 0.1

sources: VULHUB: VHN-14513 // VULMON: CVE-2005-3304 // BID: 15178 // PACKETSTORM: 40880 // CNNVD: CNNVD-200510-194 // NVD: CVE-2005-3304

REFERENCES

url:	http://rgod.altervista.org/phpnuke78sql.html	Trust: 1.9
url:	http://secunia.com/advisories/17315/	Trust: 1.9
url:	http://www.securityfocus.com/bid/15178	Trust: 1.8
url:	http://www.osvdb.org/20291	Trust: 1.8
url:	http://www.osvdb.org/20292	Trust: 1.8
url:	http://www.osvdb.org/20293	Trust: 1.8
url:	http://www.vupen.com/english/advisories/2005/2191	Trust: 1.2
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/22851	Trust: 1.2
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=113017049702436&w=2	Trust: 1.2
url:	http://marc.info/?l=bugtraq&m=113017049702436&w=2	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/22851	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2005/2191	Trust: 0.6
url:	http://www.ncc.org.ve/php-nuke.php3?op=english	Trust: 0.3
url:	http://www.irannuke.com/	Trust: 0.3
url:	/archive/1/414329	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=113017049702436&w=2	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/32747/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/2385/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-14513 // VULMON: CVE-2005-3304 // BID: 15178 // PACKETSTORM: 40880 // CNNVD: CNNVD-200510-194 // NVD: CVE-2005-3304

CREDITS

rgod is credited with the discovery of these vulnerabilities.

Trust: 0.3

sources: BID: 15178

SOURCES

db:	VULHUB	id:	VHN-14513
db:	VULMON	id:	CVE-2005-3304
db:	BID	id:	15178
db:	PACKETSTORM	id:	40880
db:	CNNVD	id:	CNNVD-200510-194
db:	NVD	id:	CVE-2005-3304

LAST UPDATE DATE

2024-08-14T14:35:42.616000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-14513	date:	2017-07-11T00:00:00
db:	VULMON	id:	CVE-2005-3304	date:	2017-07-11T00:00:00
db:	BID	id:	15178	date:	2005-10-24T00:00:00
db:	CNNVD	id:	CNNVD-200510-194	date:	2005-10-31T00:00:00
db:	NVD	id:	CVE-2005-3304	date:	2017-07-11T01:33:09.080

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-14513	date:	2005-10-26T00:00:00
db:	VULMON	id:	CVE-2005-3304	date:	2005-10-26T00:00:00
db:	BID	id:	15178	date:	2005-10-24T00:00:00
db:	PACKETSTORM	id:	40880	date:	2005-10-25T18:06:56
db:	CNNVD	id:	CNNVD-200510-194	date:	2005-10-25T00:00:00
db:	NVD	id:	CVE-2005-3304	date:	2005-10-26T01:02:00