PHP-Nuke Kütüb-i Sitte Module “kid” SQL Injection

Published by TL Guan March 20th, 2008 in Content Management and SQL Injection.

Application: PHP-Nuke Kütüb-i Sitte Module
Affected Version: 1.1 and other versions.
Vendor’s URL: PHP-Nuke Kütüb-i Sitte Module
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Search

Entries RSS

Latest

Drupal Localization client Module XSRF
Drupal Virtual Hosts Local File Inclusion
WordPress Newsletter Plugin “newsletter” SQLi
XOOPS Makale Module “id” SQLi
Movable Type Unspecified XSS
Joomla DS-Syndicate Component “feed_id” SQL
Drupal Node Vote Module Vote Again SQLi
Drupal Node clone Module Security Bypass
Drupal Shindig-Integrator Module Multiple Vulnerabilities
Joomla OwnBiblio Component “catid” SQLi

Exabytes Security Portal

Categories

PHP-Nuke Kütüb-i Sitte Module “kid” SQL Injection

Search

Subscribe

Latest

Archives