VYPR

Web_Links module

by PHP-Nuke

CVEs (5)

  • CVE-2010-5083Feb 14, 2012
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.

  • CVE-2008-0879Feb 21, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.

  • CVE-2005-0997May 2, 2005
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the email or url parameters in the Add function, (2) the url parameter in the modifylinkrequestS function, (3) the orderby or min…

  • CVE-2005-0998May 2, 2005
    risk 0.00cvss epss 0.01

    The Web_Links module for PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server.

  • CVE-2003-0279Jun 16, 2003
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php.