FreeBSD : postnuke -- SQL injection vulnerabilities (f3eec2b5-8cd8-11d9-8066-000a95bc6fae)

This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Two separate SQL injection vulnerabilities have been identified in the
PostNuke PHP content management system. An attacker can use this
vulnerability to potentially insert executable PHP code into the
content management system (to view all files within the PHP scope, for
instance). Various other SQL injection vulnerabilities exist, which
give attackers the ability to run SQL queries on any tables within the

See also :

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 19170 (freebsd_pkg_f3eec2b58cd811d98066000a95bc6fae.nasl)

Bugtraq ID:

CVE ID: CVE-2005-0615

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now