返回 CVE 瀏覽器

CVE-2001-1460

HIGH

7.5

CVSS Severity Score

EPSS Score0.0230%

EPSS Percentile40.26th

Published2001年10月13日

Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.

Affected Platforms (CPE)

📦

Postnuke Software Foundation

Postnuke

= 0.62

📦

Postnuke Software Foundation

Postnuke

= 0.63

📦

Postnuke Software Foundation

Postnuke

= 0.64

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2001-10/0088.html

🔗 http://archives.neohapsis.com/archives/bugtraq/2001-10/0091.html

🔗 http://www.kb.cert.org/vuls/id/921547

🔗 http://www.securityfocus.com/bid/3435

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/7280

🔗 http://archives.neohapsis.com/archives/bugtraq/2001-10/0088.html

🔗 http://archives.neohapsis.com/archives/bugtraq/2001-10/0091.html

🔗 http://www.kb.cert.org/vuls/id/921547

相關漏洞威脅

CVE-2007-038610.0

Unspecified vulnerability in the rating section in PostNuke 0.764 has unknown impact and attack vectors, related to "an interestin...

CVE-2007-03857.8

The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output"...

CVE-2006-62677.8

PostNuke 0.7.5.0, and certain minor versions, allows remote attackers to obtain sensitive information via a non-numeric value of t...

CVE-2004-16687.5

Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote attackers to execute arbitrary SQ...

CVE-2001-1460 Detail & Impact Analysis | CVSS 7.5 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space