VYPR
Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026

CVE-2004-2751

CVE-2004-2751

Description

SQL injection vulnerability in the members_list module in PostNuke 0.726, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the sortby parameter.

Affected products

4
  • cpe:2.3:a:postnuke_software_foundation:postnuke:0.722:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:postnuke_software_foundation:postnuke:0.722:*:*:*:*:*:*:*
    • cpe:2.3:a:postnuke_software_foundation:postnuke:0.723:*:*:*:*:*:*:*
    • cpe:2.3:a:postnuke_software_foundation:postnuke:0.726:*:*:*:*:*:*:*
  • Range: <=0.726

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.