PHP-Nuke Top Module SQL Injection

Exploit Title: PHP-Nuke SQL injection Top Module + protection Bypass Google Dork: intext: Powered by PHP-Nuke Date: 2024-10-07 Exploit Author: Emiliano Febbi Vendor Homepage: https://phpnuke.org/ Software Link: https://sourceforge.net/projects/phpnuke/files/phpnuke/ Version: 6.x New concept of...

PHP-Nuke 8.1.0.3.5b - Remote Command Execution

PHP-Nuke 8.1.0.3.5b - Remote Command Execution PHP-Nuke REMEMBER TO ADD THE FINAL / TO THE HOSTNAME "; Change Here to Set your custom shell for example use...

phpnukesarkilar-sql.txt

. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com --d3hydr8 -rsauron-baltazar -sinner01 -Jappan - beenu -Marezzi-P47tr1ck- FeDeReR -MAGE -JeTFyrE- DON-Outlawz and all darkc0de and...

phpnukeklein-sql.txt

Rbt-4 crew http://www.rbt-4.net Author : Lovebug ---------------------------- Remote Sql injection Php-Nuke module name Kleinanzeigen modules.php?name=Kleinanzeigen&aop=visit&lid=sql Exploit username :...

PHP-Nuke Module ZClassifieds [cat] SQL Injection

----- RBT-4 crew Lovebug Italy -------- Author : Lovebug Script : PHP-Nuke Module ZClassifieds cat SQL Injection Bug : modules.php?name=ZClassifieds&cat= S Q L Exploit : -9999999//union//select//pwd,aid//from//nukeauthors/where20admin1/ Original Advisory:...

PHP-Nuke NukeC30 3.0 Module - id_catg SQL Injection

PHP-Nuke NukeC30 3.0 Module - idcatg SQL Injection source: https://www.securityfocus.com/bid/28197/info The NukeC30 module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...

PHP-Nuke zClassifieds Module - cat SQL Injection

PHP-Nuke zClassifieds Module - cat SQL Injection source: https://www.securityfocus.com/bid/28211/info The zClassifieds module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...

phpnukerecipe-sql.txt

php-nuke Recipes SQL Injectionrecipeid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: "modules.php?name=Recipes"op=viewrecipe DORK 2 : allinurl: "modules.php?name=Recipes"recipeid EXPLOIT : after recipeid...

PHP-Nuke Module Kose_Yazilari - artid SQL Injection

PHP-Nuke Module KoseYazilari - artid SQL Injection CoRPITX Turkey www.Hayalet-hack.com www.zone-turk.net/ PHP-Nuke KoseYazilari SQL Injection Vulnerability AUTHOR : xcorpitx HOME : www.Hayalet-hack.com / www.zone-turk.net WHEN YOU PUT THIS SQL CODE YOU can SEE ADMýN NAME,ADMIN HASH DorK 1 : ''na...

PHP-Nuke Module Kose_Yazilari (artid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================= PHP-Nuke Module KoseYazilari artid SQL Injection Vulnerability ================================================================= CoRPITX Turkey PHP-Nuke KoseYazilari SQL...

PHP-Nuke Sell Module - 'cid' SQL Injection

source: https://www.securityfocus.com/bid/27980/info The 'Sell' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...

PHP-Nuke Docum模块'artid' SQL注入漏洞

BUGTRAQ ID: 27912 CNCAN ID:CNCAN-2008022208 PHP-Nuke Docum模块是一款基于PHP的WEB应用程序。 PHP-Nuke Docum模块不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息或操作数据库。 问题是由于脚本对用户提交的'artid'参数处理缺少充分过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 PHP-Nuke Module Docum 目前没有详细解决方案提供： http://www.phpnuke.org/...

PHP-Nuke Module Classifieds SQL Injection(Details)

PHP-Nuke Module Classifieds SQL InjectionDetails AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl:"modules.php?name=Classifieds"Details DORK 2 : allinurl: EXPLOIT :...

PHP-Nuke Siir SQL Injection(id)

PHP-Nuke Siir SQL Injectionid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl: modules-php-name-Siir all modules.php?name=xx subject have secret print and and cant see op=print but cann- use exploit EXPLOIT :...

PHPNuke多个SQL注入及跨站脚本漏洞 Exploit

No description provided by source. Janek Vind （[email protected]）提供了如下测试方法： http://localhost/nuke73/modules.php?name=Search&type=comments&query=not123exists&instory=//UNION//SELECT//0,0,pwd,0,aid//FROM//nukeauthors...