Sql injection

SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php...

Sql injection

SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the idcatg parameter in a ViewCatg action to modules.php...

CVE-2008-1314

SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to modules.php...

CVE-2008-1298

SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php...

CVE-2008-1314

CVE-2008-1314 affects the Johannes Hass gaestebuch 2.2 module for PHP-Nuke. The root cause is an SQL injection in the edit action of modules.php, exploitable via the id parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands. NVD assigns a CVSSv2 base score of 7.5 (...

CVE-2008-1314

SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to modules.php...

CVE-2008-1308

SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the idcatg parameter in a ViewCatg action to modules.php...

CVE-2008-1308

The CVE-2008-1308 entry concerns the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke, where a SQL injection vulnerability exists in the ViewCatg action (id_catg parameter in modules.php). The cited sources indicate remote SQL command execution is possible, though exploitation details, affected...

CVE-2008-1298

SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php...

CVE-2008-1298

CVE-2008-1298 describes a SQL injection in the Hadith module for PHP-Nuke, exploitable via the cat parameter in a viewcat action to modules.php. The underlying root cause is unsafely concatenated SQL that allows remote attackers to alter or disclose database data. The NVD entry lists a CVSS v2 ba...

phpnukekutubi-sql.txt

RBT-4 Crew rbt-4.net PHP-Nuke KutubiSitte "kid" SQL Injection http://www.rbt-4.net/forum/viewthread.php?forumid=51&threadid=3058 AUTHOR : Lovebug modules.php?name=KutubiSitte&hop=hadisgoster&kid= Exploit :...

phpnukehadith-sql.txt

R B T - 4 C R E W www.rbt-4.net ----------------------------------------------- AUTHOR : Lovebug PHP-Nuke Module "Hadith" cat Sql injection Original Advisory: http://www.rbt-4.net/forum/viewthread.php?forumid=51&threadid=3078 Exploit...

phpnukekutubisitte-sql.txt

!/usr/bin/perl use Getopt::Std; use LWP::UserAgent; sub usg printf" --------------------------- | PHP-NUKE KutubiSitte kid = SQL Injection | --------------------------- Bug by Lovebug Exploit-Code by r080cy90r from RBT-4 -------------- :::::::::::::::::::::::::::::...

PT-2008-2889 · Php Nuke · Php-Nuke

Name of the Vulnerable Software and Affected Versions: PHP-Nuke affected versions not specified Description: A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the cat parameter in a viewcat action to modules.php...

PHP-Nuke Module NukeC30 sql injection

------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo -------- ------------------------------------------------------------- = Author : HouSSaMix from H-T Team = Script : PHP-Nuke Module NukeC30 Module's Name: NukeC30 Module's Version: 3.0 ...

PHP-Nuke NukeC30 3.0 Module - 'id_catg' SQL Injection

source: https://www.securityfocus.com/bid/28197/info The NukeC30 module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application...

PHP-Nuke NukeC30 3.0 Module - id_catg SQL Injection

PHP-Nuke NukeC30 3.0 Module - idcatg SQL Injection source: https://www.securityfocus.com/bid/28197/info The NukeC30 module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...

PHP-Nuke zClassifieds Module - cat SQL Injection

PHP-Nuke zClassifieds Module - cat SQL Injection source: https://www.securityfocus.com/bid/28211/info The zClassifieds module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...

PHP-Nuke Hadith 'cat' SQL注入漏洞

BUGTRAQ ID: 28171 CNCAN ID:CNCAN-2008031111 PHP-Nuke Hadith是一款基于PHP的WEB应用程序。 PHP-Nuke Hadith不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息或操作数据库。 问题是由于脚本对用户提交的'cat'参数处理缺少充分过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 Kemas Yunus Antonius Sunnah and Hadith 目前没有详细解决方案提供：...

PHP-Nuke zClassifieds Module - 'cat' SQL Injection

source: https://www.securityfocus.com/bid/28211/info The zClassifieds module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...