Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
There is a SQL Injection vulnerability in PHP-Nuke 8.3.3 in the User Registration section, leading to remote code execution. This occurs because the U.S. state is not validated to be two letters, and the OrderBy field is not validated to be one of LASTNAME, CITY, or STATE.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP-Nuke SQL注入漏洞
Vulnerability Description
PHP-Nuke是一套基于Web的自动化新闻发布和内容管理系统,它包含新闻主题、文件下载、论坛管理等模块。 PHP-Nuke 8.3.3 存在SQL注入漏洞,该漏洞源于远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A