Unrated severityNVD Advisory· Published Oct 31, 2008· Updated Jun 16, 2026
CVE-2008-4804
CVE-2008-4804
Description
SQL injection vulnerability in the Gallery module 1.3 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the aid parameter in a showalbum action to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
Affected products
3- cpe:2.3:a:nukedgallery:gallery:*:*:*:*:*:*:*:*
- Range: = 1.3
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.