SQL Injection Vulnerability in PostNuke 0.760 RC3 via sid Parameter

SQL Injection Vulnerability in PostNuke 0.760 RC3 via sid Parameter

CVE-2005-1048 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote attackers to execute arbitrary SQL statements via the sid parameter. NOTE: the vendor reports that they could not reproduce the issues for 760 RC3, or for .750.

Learn more about our Web Application Penetration Testing UK.