CVE-2004-2354 Information

Description

SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.

Reference

http://archives.neohapsis.com/archives/bugtraq/2004-03/0139.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15478