PHP-Nuke 8.0 Final - INSERT SQL Injection

PHP-Nuke 8.0 Final - INSERT SQL Injection !/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl';INSERT INTO nukeauthors VALUES 'krasza', 'God', 'http://www.krasza.int.pl', '[email protected]',...

PHP-Nuke <= 8.0 Final (INSERT) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl 0day exploit for PHP-nuke =8.0 Final Sql injection attack in INSERT syntax version for every basePostgreSQL,mssql... except MySQL base Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke =8.0 Final Sql injection atta...

PHP-Nuke Module Emporium 2.3.0 - SQL Injection

exploit2.asp 'Update: + Get Header 'Update: + Get Whois Info '=============================================================================================== % function functionControl1 setTimeout"functionControl2",2000; function functionControl2 ifdocument.form1.field1.value=="" alert"Exploit...

PHP-Nuke Module Emporium <= 2.3.0 Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================== PHP-Nuke Module Emporium exploit2.asp 'Update: + Get Header 'Update: + Get Whois Info...

PHP-Nuke Module Emporium 2.3.0 - SQL Injection

PHP-Nuke Module Emporium 2.3.0 - SQL Injection exploit2.asp 'Update: + Get Header 'Update: + Get Whois Info '=============================================================================================== % function functionControl1 setTimeout"functionControl2",2000; function functionControl2...

PHP-Nuke Module Emporium &lt;= 2.3.0 Remote SQL Injection Exploit

No description provided by source. % Response.Buffer = True % % On Error Resume Next % % Server.ScriptTimeout = 100 % % '=============================================================================================== 'Script Name: Php-Nuke Module Emporium = 2.3.0 Remote Blind SQL Injection Exploi...

[SA23748] PHP-Nuke &quot;cat&quot; Old Articles Block SQL Injection

TITLE: PHP-Nuke "cat" Old Articles Block SQL Injection SECUNIA ADVISORY ID: SA23748 VERIFY ADVISORY: http://secunia.com/advisories/23748/ CRITICAL: Moderately critical IMPACT: Manipulation of data, Exposure of sensitive information WHERE: From remote SOFTWARE: PHP-Nuke 7.x...

PHP-Nuke SQL注入漏洞

PHP-Nuke是一款基于PHP的WEB应用程序。 PHP-Nuke不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息。 问题是多个脚本对用户提交的WEB参数缺少过滤，提交恶意SQL代码作为参数数据，可更改原来的SQL逻辑，获得敏感信息。 PHP-Nuke 7.9 目前没有解决方案提供： http://www.php-nuke.com...

PostNuke Reviews Index.PHP跨站脚本漏洞

PHP-Nuke是一款基于PHP的WEB应用程序。 PHP-Nuke不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行跨站脚本攻击，获得敏感信息。 问题是reviews模块对用户提交的WEB参数缺少过滤，提交恶意脚本代码作为参数数据，并诱使用户访问恶意链接，可导致获得目标用户敏感信息。 PostNuke 0.764 目前没有解决方案提供： http://noc.postnuke.com/...

Sql injection

Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL commands via 1 the active parameter in admin/modules/modules.php; the 2 adclass, 3 imageurl, 4 clickurl, 5 adcode, or 6 position parameter in modules/Advertising/admin/index.php;...

CVE-2007-0372

Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL commands via 1 the active parameter in admin/modules/modules.php; the 2 adclass, 3 imageurl, 4 clickurl, 5 adcode, or 6 position parameter in modules/Advertising/admin/index.php;...

CVE-2007-0372

Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL commands via 1 the active parameter in admin/modules/modules.php; the 2 adclass, 3 imageurl, 4 clickurl, 5 adcode, or 6 position parameter in modules/Advertising/admin/index.php;...

CVE-2007-0372

CVE-2007-0372 involves multiple SQL injection flaws in PHP-Nuke 7.9. The vulnerabilities allow remote attackers to execute arbitrary SQL commands through parameters in admin/modules/modules.php (active) and modules/Advertising/admin/index.php (ad_class, imageurl, clickurl, ad_code, position), plu...

Sql injection

SQL injection vulnerability in blocks/block-OldArticles.php in Francisco Burzi PHP-Nuke 7.9 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter...

CVE-2007-0309

SQL injection vulnerability in blocks/block-OldArticles.php in Francisco Burzi PHP-Nuke 7.9 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter...

CVE-2007-0309

SQL injection vulnerability in blocks/block-OldArticles.php in Francisco Burzi PHP-Nuke 7.9 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter...

CVE-2007-0309

CVE-2007-0309 describes an SQL injection in PHP-Nuke 7.9 and earlier, via blocks/block-Old_Articles.php when register_globals is enabled and magic_quotes_gpc is disabled. A remote attacker can use the cat parameter to execute arbitrary SQL commands. The vulnerability is evidenced across the CVE/N...

PHP-Nuke Block-Old_Articles.PHP SQL注入漏洞

PHP-Nuke是一款基于PHP的站点构架程序。 PHP-Nuke不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息。 问题是'Block-OldArticles.PHP'脚本对用户提交的'cat'参数缺少过滤，提交恶意脚本代码作为参数数据，可导致获得敏感信息。 PHP-Nuke 7.9 PHP-Nuke 7.8 PHP-Nuke 7.7 PHP-Nuke 7.6 PHP-Nuke 7.5 PHP-Nuke 7.4 PHP-Nuke 7.3 PHP-Nuke 7.2 PHP-Nuke 7.1 PHP-Nuke 7.0 目前没有解决方案提供：...

PHP-Nuke &lt;= 7.9 Old-Articles Block &quot;cat&quot; SQL Injection vulnerability

/ -------------------------------------------------------- Neo Security Team NST - Advisory 31 - 2007-01-13 -------------------------------------------------------- Program: PHP-Nuke Homepage: http://www.phpnuke.org Vulnerable Versions: PHP-Nuke = 7.9 Risk: Medium Impact: Medium Risk -==PHP-Nuke ...

phpnuke79-sql.txt

/ -------------------------------------------------------- Neo Security Team NST - Advisory 31 - 2007-01-13 -------------------------------------------------------- Program: PHP-Nuke Homepage: http://www.phpnuke.org Vulnerable Versions: PHP-Nuke = 7.9 Risk: Medium Impact: Medium Risk -==PHP-Nuke ...