cvelistv5 - cve-2005-3304

CVE-2005-3304 (GCVE-0-2005-3304)

Vulnerability from cvelistv5 – Published: 2005-10-25 04:00 – Updated: 2024-08-07 23:10

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://rgod.altervista.org/phpnuke78sql.html	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/15178	vdb-entryx_refsource_BID
	http://marc.info/?l=bugtraq&m=113017049702436&w=2	mailing-listx_refsource_BUGTRAQ
	http://www.osvdb.org/20293	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/17315/	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/20292	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2005/2191	vdb-entryx_refsource_VUPEN
	http://www.osvdb.org/20291	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:10:08.528Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://rgod.altervista.org/phpnuke78sql.html"
          },
          {
            "name": "phpnuke-multiple-modules-sql-injection(22851)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
          },
          {
            "name": "15178",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15178"
          },
          {
            "name": "20051023 PhpNuke 7.8 with all security fixes/patches \"Your_Account\",",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
          },
          {
            "name": "20293",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/20293"
          },
          {
            "name": "17315",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17315/"
          },
          {
            "name": "20292",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/20292"
          },
          {
            "name": "ADV-2005-2191",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2191"
          },
          {
            "name": "20291",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/20291"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-10-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://rgod.altervista.org/phpnuke78sql.html"
        },
        {
          "name": "phpnuke-multiple-modules-sql-injection(22851)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
        },
        {
          "name": "15178",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15178"
        },
        {
          "name": "20051023 PhpNuke 7.8 with all security fixes/patches \"Your_Account\",",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
        },
        {
          "name": "20293",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/20293"
        },
        {
          "name": "17315",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17315/"
        },
        {
          "name": "20292",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/20292"
        },
        {
          "name": "ADV-2005-2191",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2191"
        },
        {
          "name": "20291",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/20291"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3304",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://rgod.altervista.org/phpnuke78sql.html",
              "refsource": "MISC",
              "url": "http://rgod.altervista.org/phpnuke78sql.html"
            },
            {
              "name": "phpnuke-multiple-modules-sql-injection(22851)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
            },
            {
              "name": "15178",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15178"
            },
            {
              "name": "20051023 PhpNuke 7.8 with all security fixes/patches \"Your_Account\",",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
            },
            {
              "name": "20293",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/20293"
            },
            {
              "name": "17315",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17315/"
            },
            {
              "name": "20292",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/20292"
            },
            {
              "name": "ADV-2005-2191",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2191"
            },
            {
              "name": "20291",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/20291"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3304",
    "datePublished": "2005-10-25T04:00:00",
    "dateReserved": "2005-10-26T00:00:00",
    "dateUpdated": "2024-08-07T23:10:08.528Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:francisco_burzi:php-nuke:7.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F9A4F5F-31CB-4097-85E9-B08B2530E9EE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module.\"}]",
      "id": "CVE-2005-3304",
      "lastModified": "2024-11-21T00:01:34.643",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2005-10-26T01:02:00.000",
      "references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rgod.altervista.org/phpnuke78sql.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/17315/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/20291\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/20292\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/20293\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/15178\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2191\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/22851\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rgod.altervista.org/phpnuke78sql.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/17315/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/20291\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/20292\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/20293\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/15178\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2191\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/22851\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-3304\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-10-26T01:02:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:francisco_burzi:php-nuke:7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9A4F5F-31CB-4097-85E9-B08B2530E9EE\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rgod.altervista.org/phpnuke78sql.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/17315/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/20291\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/20292\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/20293\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/15178\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2191\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/22851\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rgod.altervista.org/phpnuke78sql.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/17315/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/20291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/20292\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/20293\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/15178\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/22851\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2005-3304

Vulnerability from fkie_nvd - Published: 2005-10-26 01:02 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=113017049702436&w=2
cve@mitre.org	http://rgod.altervista.org/phpnuke78sql.html	Exploit, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/17315/	Vendor Advisory
cve@mitre.org	http://www.osvdb.org/20291
cve@mitre.org	http://www.osvdb.org/20292
cve@mitre.org	http://www.osvdb.org/20293
cve@mitre.org	http://www.securityfocus.com/bid/15178
cve@mitre.org	http://www.vupen.com/english/advisories/2005/2191
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/22851
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=113017049702436&w=2
af854a3a-2127-422b-91ae-364da2661108	http://rgod.altervista.org/phpnuke78sql.html	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17315/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/20291
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/20292
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/20293
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15178
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/2191
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/22851

Impacted products

	Vendor	Product	Version
	francisco_burzi	php-nuke	7.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:francisco_burzi:php-nuke:7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F9A4F5F-31CB-4097-85E9-B08B2530E9EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module."
    }
  ],
  "id": "CVE-2005-3304",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-10-26T01:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://rgod.altervista.org/phpnuke78sql.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17315/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/20291"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/20292"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/20293"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15178"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2191"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://rgod.altervista.org/phpnuke78sql.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17315/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/20291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/20292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/20293"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15178"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2005-3304

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2005-3304

Aliases

CVE-2005-3304

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-3304",
    "description": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module.",
    "id": "GSD-2005-3304"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-3304"
      ],
      "details": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module.",
      "id": "GSD-2005-3304",
      "modified": "2023-12-13T01:20:12.725220Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-3304",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://rgod.altervista.org/phpnuke78sql.html",
            "refsource": "MISC",
            "url": "http://rgod.altervista.org/phpnuke78sql.html"
          },
          {
            "name": "phpnuke-multiple-modules-sql-injection(22851)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
          },
          {
            "name": "15178",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/15178"
          },
          {
            "name": "20051023 PhpNuke 7.8 with all security fixes/patches \"Your_Account\",",
            "refsource": "BUGTRAQ",
            "url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
          },
          {
            "name": "20293",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/20293"
          },
          {
            "name": "17315",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/17315/"
          },
          {
            "name": "20292",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/20292"
          },
          {
            "name": "ADV-2005-2191",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2005/2191"
          },
          {
            "name": "20291",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/20291"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:francisco_burzi:php-nuke:7.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3304"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://rgod.altervista.org/phpnuke78sql.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "http://rgod.altervista.org/phpnuke78sql.html"
            },
            {
              "name": "17315",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/17315/"
            },
            {
              "name": "15178",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/15178"
            },
            {
              "name": "20291",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/20291"
            },
            {
              "name": "20292",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/20292"
            },
            {
              "name": "20293",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/20293"
            },
            {
              "name": "ADV-2005-2191",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2005/2191"
            },
            {
              "name": "20051023 PhpNuke 7.8 with all security fixes/patches \"Your_Account\",",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
            },
            {
              "name": "phpnuke-multiple-modules-sql-injection(22851)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-11T01:33Z",
      "publishedDate": "2005-10-26T01:02Z"
    }
  }
}

GHSA-P4QX-PMXG-37RX

Vulnerability from github – Published: 2022-05-01 02:16 – Updated: 2025-04-03 04:18

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-3304"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-10-26T01:02:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module.",
  "id": "GHSA-p4qx-pmxg-37rx",
  "modified": "2025-04-03T04:18:50Z",
  "published": "2022-05-01T02:16:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3304"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://rgod.altervista.org/phpnuke78sql.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17315"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/20291"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/20292"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/20293"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/15178"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/2191"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200510-0068

Vulnerability from variot - Updated: 2023-12-18 13:45

Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module. PHPNuke is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. PHP-Nuke is a popular website creation and management tool, it can use many database software as backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. Remote attackers can insert malicious SQL statement strings into the input data to operate the database without authorization.

TITLE: PHP-Nuke SQL Injection Vulnerabilities

SECUNIA ADVISORY ID: SA17315

VERIFY ADVISORY: http://secunia.com/advisories/17315/

CRITICAL: Moderately critical

IMPACT: Manipulation of data

WHERE:

From remote

SOFTWARE: PHP-Nuke 7.x http://secunia.com/product/2385/

DESCRIPTION: rgod has discovered some vulnerabilities in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities have been confirmed in version 7.8. Other versions may also be affected.

SOLUTION: Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY: rgod

ORIGINAL ADVISORY: http://rgod.altervista.org/phpnuke78sql.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200510-0068",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "php-nuke",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "francisco burzi",
        "version": "7.8"
      },
      {
        "model": "burzi php-nuke",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "francisco",
        "version": "7.8"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "15178"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3304"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:francisco_burzi:php-nuke:7.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3304"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "rgod is credited with the discovery of these vulnerabilities.",
    "sources": [
      {
        "db": "BID",
        "id": "15178"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2005-3304",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": true,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-14513",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2005-3304",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2005-3304",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200510-194",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-14513",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2005-3304",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14513"
      },
      {
        "db": "VULMON",
        "id": "CVE-2005-3304"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3304"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module. PHPNuke is prone to multiple SQL injection vulnerabilities.  These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. \nSuccessful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. PHP-Nuke is a popular website creation and management tool, it can use many database software as backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. Remote attackers can insert malicious SQL statement strings into the input data to operate the database without authorization. \n\nTITLE:\nPHP-Nuke SQL Injection Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA17315\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17315/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nManipulation of data\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nPHP-Nuke 7.x\nhttp://secunia.com/product/2385/\n\nDESCRIPTION:\nrgod has discovered some vulnerabilities in PHP-Nuke, which can be\nexploited by malicious people to conduct SQL injection attacks. This can be exploited to manipulate SQL queries by\ninjecting arbitrary SQL code. \n\nThe vulnerabilities have been confirmed in version 7.8. Other\nversions may also be affected. \n\nSOLUTION:\nEdit the source code to ensure that input is properly sanitised. \n\nPROVIDED AND/OR DISCOVERED BY:\nrgod\n\nORIGINAL ADVISORY:\nhttp://rgod.altervista.org/phpnuke78sql.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3304"
      },
      {
        "db": "BID",
        "id": "15178"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14513"
      },
      {
        "db": "VULMON",
        "id": "CVE-2005-3304"
      },
      {
        "db": "PACKETSTORM",
        "id": "40880"
      }
    ],
    "trust": 1.44
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-14513",
        "trust": 0.1,
        "type": "unknown"
      },
      {
        "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=32747",
        "trust": 0.1,
        "type": "exploit"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14513"
      },
      {
        "db": "VULMON",
        "id": "CVE-2005-3304"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "15178",
        "trust": 2.1
      },
      {
        "db": "SECUNIA",
        "id": "17315",
        "trust": 1.9
      },
      {
        "db": "VUPEN",
        "id": "ADV-2005-2191",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "20293",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "20291",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "20292",
        "trust": 1.8
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3304",
        "trust": 1.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-194",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "22851",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20051023 PHPNUKE 7.8 WITH ALL SECURITY FIXES/PATCHES \"YOUR_ACCOUNT\",",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "32747",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-86021",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-14513",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2005-3304",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "40880",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14513"
      },
      {
        "db": "VULMON",
        "id": "CVE-2005-3304"
      },
      {
        "db": "BID",
        "id": "15178"
      },
      {
        "db": "PACKETSTORM",
        "id": "40880"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3304"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ]
  },
  "id": "VAR-200510-0068",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14513"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:45:24.713000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3304"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://rgod.altervista.org/phpnuke78sql.html"
      },
      {
        "trust": 1.9,
        "url": "http://secunia.com/advisories/17315/"
      },
      {
        "trust": 1.8,
        "url": "http://www.securityfocus.com/bid/15178"
      },
      {
        "trust": 1.8,
        "url": "http://www.osvdb.org/20291"
      },
      {
        "trust": 1.8,
        "url": "http://www.osvdb.org/20292"
      },
      {
        "trust": 1.8,
        "url": "http://www.osvdb.org/20293"
      },
      {
        "trust": 1.2,
        "url": "http://www.vupen.com/english/advisories/2005/2191"
      },
      {
        "trust": 1.2,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22851"
      },
      {
        "trust": 1.2,
        "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=113017049702436\u0026w=2"
      },
      {
        "trust": 1.1,
        "url": "http://marc.info/?l=bugtraq\u0026m=113017049702436\u0026w=2"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/22851"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2005/2191"
      },
      {
        "trust": 0.3,
        "url": "http://www.ncc.org.ve/php-nuke.php3?op=english"
      },
      {
        "trust": 0.3,
        "url": "http://www.irannuke.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/414329"
      },
      {
        "trust": 0.1,
        "url": "http://marc.info/?l=bugtraq\u0026amp;m=113017049702436\u0026amp;w=2"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.exploit-db.com/exploits/32747/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2385/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14513"
      },
      {
        "db": "VULMON",
        "id": "CVE-2005-3304"
      },
      {
        "db": "BID",
        "id": "15178"
      },
      {
        "db": "PACKETSTORM",
        "id": "40880"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3304"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-14513"
      },
      {
        "db": "VULMON",
        "id": "CVE-2005-3304"
      },
      {
        "db": "BID",
        "id": "15178"
      },
      {
        "db": "PACKETSTORM",
        "id": "40880"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3304"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-10-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14513"
      },
      {
        "date": "2005-10-26T00:00:00",
        "db": "VULMON",
        "id": "CVE-2005-3304"
      },
      {
        "date": "2005-10-24T00:00:00",
        "db": "BID",
        "id": "15178"
      },
      {
        "date": "2005-10-25T18:06:56",
        "db": "PACKETSTORM",
        "id": "40880"
      },
      {
        "date": "2005-10-26T01:02:00",
        "db": "NVD",
        "id": "CVE-2005-3304"
      },
      {
        "date": "2005-10-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14513"
      },
      {
        "date": "2017-07-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2005-3304"
      },
      {
        "date": "2005-10-24T00:00:00",
        "db": "BID",
        "id": "15178"
      },
      {
        "date": "2017-07-11T01:33:09.080000",
        "db": "NVD",
        "id": "CVE-2005-3304"
      },
      {
        "date": "2005-10-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "PHP-Nuke Multiple modules remote SQL Injection vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "sql injection",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "40880"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-194"
      }
    ],
    "trust": 0.7
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2005-3304 (GCVE-0-2005-3304)

FKIE_CVE-2005-3304

GSD-2005-3304

GHSA-P4QX-PMXG-37RX

VAR-200510-0068

Tags

Sightings

Nomenclature