CVE-2004-2751

SQL injection vulnerability in the members_list module in PostNuke 0.726, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:postnuke_software_foundation:postnuke:0.722:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.723:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.726:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2024-02-28 10:42


NVD link : CVE-2004-2751

Mitre link : CVE-2004-2751

CVE.ORG link : CVE-2004-2751


JSON object : View

Products Affected

postnuke_software_foundation

  • postnuke
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')