Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote attackers to execute arbitrary SQL commands via the (1) pageid, (2) subid, or (3) catid parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PostNuke Modules Factory标题模块SQL注入漏洞
Vulnerability Description
PHP-Nuke是一个广为流行的网站创建和管理工具,它可以使用很多数据库软件作为后端,比如MySQL、PostgreSQL、mSQL、Interbase、Sybase等。 PHP-Nuke的Subjects PostNuke模块对多个参数数据缺少过滤,远程攻击者可以利用这个漏洞进行SQL注入攻击,可能更改数据库或获得敏感信息。 Subjects PostNuke模块对用户提交给'subid', 'pageid', 'catid'参数缺少充分过滤,攻击者提交包含恶意SQL代码的数据,可更改原来数据库逻辑,可
CVSS Information
N/A
Vulnerability Type
N/A