CVE-2006-1419

nuked-klan <1.7.5 - SQL Injection

Title source: llm
STIX 2.1

Description

SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php.

Exploits (1)

exploitdb WRITEUP VERIFIED
by DaBDouB-MoSiKaR · textwebappsphp
https://www.exploit-db.com/exploits/27468

References (7)

Core 7
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1134
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/632
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19382
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/428895/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/24204
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17233
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25446

Scores

EPSS 0.0103
EPSS Percentile 77.4%

Details

Status published
Products (9)
nuked-klan/nuked-klan 1.2
nuked-klan/nuked-klan 1.2_beta
nuked-klan/nuked-klan 1.3
nuked-klan/nuked-klan 1.3_beta
nuked-klan/nuked-klan 1.4
nuked-klan/nuked-klan 1.5
nuked-klan/nuked-klan 1.5_sp2
nuked-klan/nuked-klan 1.7
nuked-klan/nuked-klan < 1.7.5
Published Mar 28, 2006
Tracked Since Feb 18, 2026