PHPNuke 6.0 Modules.PHP SQL Injection Vulnerability

2002-09-25T00:00:00
ID EDB-ID:21862
Type exploitdb
Reporter Pedro Inacio
Modified 2002-09-25T00:00:00

Description

PHPNuke 6.0 Modules.PHP SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/5799/info

A SQL injection vulnerability has been discovered in PHPNuke.

Due to insufficient sanitization of variables used in SQL queries, it is possible to modify the logic of SQL queries.

This issue could result in a denial of service attack or the corruption of database information.

This issue was reported in PHPNuke version 6.0. Other versions may also be affected. 

http://www.nukesite.com/modules.php?name=News&file=article&sid=1234%20or%
201=1