Categories

Applications (255)
Blogs (7)
Content Management (167)
Customer Relationship (4)
Discussion Boards (37)
E-Commerce (15)
General Purpose Directories (2)
Image Galleries (21)
Mailing Lists (1)
Tips (3)
Vulnerabilities (366)
Access Bypass (55)
Cross Site Scripting (138)
Denial Of Service (2)
File Inclusion (54)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (17)
Session Hijacking (2)
SQL Injection (140)
« Joomla Brightcode Weblinks Component SQL Injection
vbDrupal SQL Injection and XSS »

PHP-Nuke 4ndvddb Module SQL Injection

Published by TL Guan July 17th, 2008 in Content Management and SQL Injection.

Application: PHP-Nuke
Affected Version: version 0.91.
Vendor’s URL: PHP-Nuke 4ndvddb Module
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional