PHP-Nuke Remote SQL Query Manipulation Vulnerability

PHP-Nuke reportedly contains a vulnerability introduced in a new feature which may permit remote attackers to execute almost arbitrary SQL queries.

In version 5.x of PHP-Nuke, the administrator can set an arbitrary prefix for the database table names. Because it is a prefix for PHP-Nuke tables, this variable is included in many SQL queries used by PHP-Nuke.

If remote clients can submit their own value for 'prefix', they can alter SQL query strings so that almost arbitrary database operations are performed.


Privacy Statement
Copyright 2010, SecurityFocus