CVE-2005-3305
CVE-2005-3305
Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote attackers to execute arbitrary SQL commands via the (1) forum_id or (2) thread_id parameter in the Forum file, (3) the link_id in the Links file, (4) the artid parameter in the Sections file, and (5) the dl_id parameter in the Download file.
Affected products
n/a · n/apublic PoCs found — 4
exploitdbwww.exploit-db.com/exploits/26388unverifiedexploitdbwww.exploit-db.com/exploits/26386unverifiedexploitdbwww.exploit-db.com/exploits/26389unverifiedexploitdbwww.exploit-db.com/exploits/26387unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://marc.info/?l=bugtraq&m=113017972620427&w=2http://marc.info/?l=bugtraq&m=113019206306710&w=2http://marc.info/?l=bugtraq&m=113019342213796&w=2http://secunia.com/advisories/17304/https://exchange.xforce.ibmcloud.com/vulnerabilities/22847http://www.nuked-klan.org/http://www.osvdb.org/20337http://www.osvdb.org/20338http://www.osvdb.org/20339http://www.osvdb.org/20340http://www.securityfocus.com/bid/15181http://www.vupen.com/english/advisories/2005/2189