BugTraq
Back to list
|
Post reply
PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities
Apr 17 2007 12:42PM
programmer serbiansite com
(1 replies)
Re: PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities
Apr 18 2007 08:17PM
Paul Laudanski (paul castlecops com)
programmer (at) serbiansite (dot) com [email concealed] wrote:
> PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities
>
> ________________________
> PROGRAM: PHP-Nuke
> HOMEPAGE: http://phpnuke.org/
> VERSION: All version
> BUG: PHP Nuke <= 8.0.0.3.3b Bypass SQL Injection Protection and SQL Injections vulnerabilities
> AUTHOR: Aleksandar
> ________________________
>
>
>
>
> Let's look at source code from mainfile.php line 435
> __________________________________________
>
> //Union Tap
> //Copyright Zhen-Xjell 2004 http://nukecops.com
> //Beta 3 Code to prevent UNION SQL Injections
>
>
No offense, but newer versions were released. You're quoting old UT code.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
programmer (at) serbiansite (dot) com [email concealed] wrote:
> PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities
>
> ________________________
> PROGRAM: PHP-Nuke
> HOMEPAGE: http://phpnuke.org/
> VERSION: All version
> BUG: PHP Nuke <= 8.0.0.3.3b Bypass SQL Injection Protection and SQL Injections vulnerabilities
> AUTHOR: Aleksandar
> ________________________
>
>
>
>
> Let's look at source code from mainfile.php line 435
> __________________________________________
>
> //Union Tap
> //Copyright Zhen-Xjell 2004 http://nukecops.com
> //Beta 3 Code to prevent UNION SQL Injections
>
>
No offense, but newer versions were released. You're quoting old UT code.
[ reply ]