This host is running PHP-Nuke and is prone to SQL Injection vulnerability.

Successful exploitation will let the attacker cause SQL Injection attack, gain sensitive information about the database used by the web application or can cause arbitrary code execution inside the context of the web application. Impact Level: Application

Upgrade to PHP-Nuke version 8.0 or later http://phpnuke-downloads.com/phpnuke.html

The flaw is due to improper sanitization of user supplied input through the 'artid' parameter in a printable action to modules.php

PHP-Nuke version prior to 8.0

• http://osvdb.org/52033
• http://www.securityfocus.com/archive/1/488653
• http://www.securityfocus.com/archive/1/499687
• http://www.securityfocus.com/data/vulnerabilities/exploits/27958.php

---

Updated on 2015-03-25