CyberSec.Space Logo
Back to CVE Browser

CVE-2004-1530

HIGH
7.5
CVSS Severity Score
EPSS Score0.0600%
EPSS Percentile31.76th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the (1) eid or (2) cid parameters.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=110064626111756&w=2
πŸ”— http://secunia.com/advisories/13213
πŸ”— http://www.securityfocus.com/bid/11693
πŸ”— http://www.waraxe.us/index.php?modname=sa&id=38
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/18104
πŸ”— http://marc.info/?l=bugtraq&m=110064626111756&w=2
πŸ”— http://secunia.com/advisories/13213
πŸ”— http://www.securityfocus.com/bid/11693

Related Vulnerabilities

CVE-2004-101210.0

The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arb...

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...

CVE-2004-090410.0

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird...

CVE-2004-176010.0

The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not ...