PHPNuke Remote Main Modules Multiple SQL Injection Vulnerabilities

info
discussion
exploit
solution
references

PHPNuke Remote Main Modules Multiple SQL Injection Vulnerabilities

It has been reported that multiple problems exist in the PHPNuke main modules. SQL injection issues exist in the Sections, Avantgo, Surveys, Downloads, Reviews, and Web_Links modules. This could allow an attacker pass malicious SQL code to the database. It should be noted that multiple path disclosure issues also exist.