Exploit

EDB-ID: 27468	Author: DaBDouB-MoSiKaR	Published: 2006-03-27
CVE: CVE-2006-1419	Type: Webapps	Platform: PHP
Aliases: N/A	Advisory/Source: Link	Tags: Vulnerability
E-DB Verified:	Exploit: Download / View Raw	Vulnerable App: N/A

« Previous Exploit Next Exploit »

source: http://www.securityfocus.com/bid/17233/info

Nuked-Klan is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. 

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

http://www.example.com/index.php?file=Calendar&m=[sql]&y=2006

Related Exploits

Trying to match CVEs (1): CVE-2006-1419
Trying to match OSVDBs (1): 24204
Other Possible E-DB Search Terms: Nuked-klaN 1.x, Nuked-klaN

Date	Title	Author
2008-04-01	Nuked-klaN 1.7.6 - Multiple Vulnerabilities	Charles Fol
2009-12-26	Nuked-klaN 1.7.7 - Remote File Inclusion	indoushka
2004-11-23	Nuked-klaN 1.x - Submit Link Function HTML Injection	XioNoX
2009-12-26	Nuked-klaN SP4 - Remote File Inclusion	indoushka
2003-02-23	Nuked-klaN 1.3 - Remote Information Disclosure	gregory Le ...
2005-10-24	Nuked-klaN 1.7 Download Module - 'dl_id' Parameter SQL Injection	papipsycho
2005-10-24	Nuked-klaN 1.7 Forum Module - Multiple Parameter SQL Injection	papipsycho
2005-10-24	Nuked-klaN 1.7 Links Module - 'link_id' Parameter SQL Injection	papipsycho
2005-10-24	Nuked-klaN 1.7 Sections Module - 'artid' Parameter SQL Injection	papipsycho
2007-05-05	Nuked-klaN 1.7.6 - Remote Code Execution	DarkFig
2008-10-14	Nuked-klaN 1.7.7 / SP4.4 - Multiple Vulnerabilities	Charles Fol
2004-04-12	Nuked-klaN 1.x - Multiple Vulnerabilities	frog
2010-08-05	Nuked-klaN Module Partenaires NK 1.5 - Blind SQL Injection	Metropolis
2010-11-15	Nuked-klaN Module Boutique - Blind SQL Injection	[AR51]Kevinos

Nuked-klaN 1.x - 'index.php' SQL Injection

Related Exploits