CVE-2009-0302

N/A Unknown

Published: January 27, 2009 Modified: April 23, 2026

Description

SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://1337day.com/exploits/15481

Source: cve@mitre.org

http://osvdb.org/51633

Source: cve@mitre.org

http://osvdb.org/77349

Source: cve@mitre.org

http://www.exploit-db.com/exploits/18148

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/500335/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/33410

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/50770

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/48186

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/71475

Source: cve@mitre.org

http://1337day.com/exploits/15481