Description
SQL injection vulnerability in index.php in the pnFlashGames 1.5 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Mehmet Ince · textwebappsphp
https://www.exploit-db.com/exploits/3813
References (6)
Core 6
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25043
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33960
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/23701
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/3813
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/35474
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1581
Scores
EPSS
0.0129
EPSS Percentile
79.8%
Details
Status
published
Products (1)
pnflashgames/pnflashgames
1.5
Published
May 02, 2007
Tracked Since
Feb 18, 2026