CVE-2003-1435

Francisco Burzi Php-nuke - SQL Injection

Title source: rule

Description

SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module.

Exploits (1)

exploitdb WORKING POC VERIFIED

by David Zentner · phpwebappsphp

https://www.exploit-db.com/exploits/22266

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/6887

[Exploit] http://archives.neohapsis.com/archives/bugtraq/2003-02/0246.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/11375

Scores

EPSS 0.0003

EPSS Percentile 6.9%

Details

CWE

CWE-89

Status published

Products (2)

francisco_burzi/php-nuke 5.6

francisco_burzi/php-nuke 6.0

Published Dec 31, 2003

Tracked Since Feb 18, 2026