Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-30177
HistoryApr 07, 2021 - 10:48 a.m.

CVE-2021-30177

2021-04-0710:48:16
mitre
www.cve.org
3
sql injection
php-nuke
user registration
remote code execution
validation
u.s. state
orderby
lastname
city
state

EPSS

0.002

Percentile

55.3%

JSON

There is a SQL Injection vulnerability in PHP-Nuke 8.3.3 in the User Registration section, leading to remote code execution. This occurs because the U.S. state is not validated to be two letters, and the OrderBy field is not validated to be one of LASTNAME, CITY, or STATE.

Related

prion 1
cve 1
nvd 1
prion
prion
Sql injection
2021-04-07 11:15:00
cve
cve
CVE-2021-30177
2021-04-07 11:15:12
nvd
nvd
CVE-2021-30177
2021-04-07 11:15:12

EPSS

0.002

Percentile

55.3%

JSON
Related for CVELIST:CVE-2021-30177
prion1cve1nvd1