Bugtraq mailing list archives

Re: PHP Nuke <= 7.8 Multiple SQL Injections

From: Paul Laudanski <zx () castlecops com>
Date: Thu, 15 Sep 2005 19:46:10 -0400 (EDT)

On 14 Sep 2005 evaders99 () gmail com wrote:

I'd just like to report as a solution: the Nuke Patched files. These are being developed to cover all the latest 
vulnerabilities, and to fix issues with previous versions of phpNuke.

These changes will be implemented to our CVS and package downloads soon.


The PHP-Nuke vendor @ http://phpnuke.org has already released a security
fix to this immediately.  It is strongly advised to run the patch.

Read the vendor's disclosure:

http://phpnuke.org/modules.php?name=News&file=article&sid=7434

The patch is for all PHP-Nuke 7.8 and older.

-- 
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops(SM), http://castlecops.com



________ Information from Computer Cops, L.L.C. ________
This message was checked by NOD32 Antivirus System for Linux Mail Server.

  part000.txt - is OK
http://castlecops.com

Current thread:

PHP Nuke <= 7.8 Multiple SQL Injections r . verton (Sep 12)
- Re: PHP Nuke <= 7.8 Multiple SQL Injections Paul Laudanski (Sep 15)
  - Re: PHP Nuke <= 7.8 Multiple SQL Injections Matthias Jim Knopf (Sep 16)
    - Re: PHP Nuke <= 7.8 Multiple SQL Injections Paul Laudanski (Sep 16)
    - Re: PHP Nuke <= 7.8 Multiple SQL Injections Daniel Bonekeeper (Sep 19)
    - Re: PHP Nuke <= 7.8 Multiple SQL Injections Paul Laudanski (Sep 19)
    - Re: PHP Nuke <= 7.8 Multiple SQL Injections hans (Sep 19)
- <Possible follow-ups>
- Re: PHP Nuke <= 7.8 Multiple SQL Injections evaders99 (Sep 15)
  - Re: PHP Nuke <= 7.8 Multiple SQL Injections Paul Laudanski (Sep 16)