CVE-2014-3934
PHP-Nuke 8.3 - SQL Injection via Submit_News Module topics[] Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2014-3934. PoCs published by ali ahmady.
AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in PHP-Nuke 8.3, where the 'topics[]' parameter in the 'Submit_News' module is not properly sanitized. The writeup includes a sample exploit URL but lacks actual exploit code.
Description
SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics[] parameter to modules.php.
Exploits (1)
The provided text describes an SQL injection vulnerability in PHP-Nuke 8.3, where the 'topics[]' parameter in the 'Submit_News' module is not properly sanitized. The writeup includes a sample exploit URL but lacks actual exploit code.