PHPNuke.Youraccount.SQL.Injection
Description
It indicates an attacker attempted a SQL Injection attack against PHPNuke. PHP-Nuke 7.8 is prone to multiple input validation errors that can be exploited via a SQL Injection attack. The flaws can be found in 1. username parameter in the Your Account page. 2. url parameter in the Downloads module. 3. description parameter in the Web_Links module.
Affected Products
Francisco Burzi PHP-Nuke 7.8
Impact
Disclosure or Modification of sensitive data
Recommended Actions
Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |