Vulnerability CVE-2009-0302

Vulnerability CVE-2009-0302

Published: 2009-01-27 Modified: 2012-02-13

Description:

	Topic	Author	Date
Low	PHP-Nuke 8.0 Downloads Blind Sql Injection	r3d.w0rm	24.01.2009

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.6/10	6.4/10	3.9/10

Affected software
Php-nuke -> Downloads module

http://1337day.com/exploits/15481

http://www.exploit-db.com/exploits/18148

http://www.securityfocus.com/archive/1/500335/100/0/threaded

http://www.securityfocus.com/bid/33410

http://www.securityfocus.com/bid/50770

https://exchange.xforce.ibmcloud.com/vulnerabilities/48186

https://exchange.xforce.ibmcloud.com/vulnerabilities/71475