SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via (1) the sif parameter to index.php in the Comments module or (2) timezoneoffset parameter to changeinfo.php in the Your_Account module.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-05-10T04:00:00

Updated: 2024-08-08T01:07:49.130Z

Reserved: 2005-05-04T00:00:00

Link: CVE-2004-1949

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2004-12-31T05:00:00.000

Modified: 2024-11-20T23:52:07.963

Link: CVE-2004-1949

cve-icon Redhat

No data.