lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Apr 2007 16:17:42 -0400 From: Paul Laudanski <paul@...tlecops.com> To: programmer@...biansite.com Cc: bugtraq@...urityfocus.com Subject: Re: PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities programmer@...biansite.com wrote: > PHP Nuke <= 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection vulnerabilities > > ________________________ > PROGRAM: PHP-Nuke > HOMEPAGE: http://phpnuke.org/ > VERSION: All version > BUG: PHP Nuke <= 8.0.0.3.3b Bypass SQL Injection Protection and SQL Injections vulnerabilities > AUTHOR: Aleksandar > ________________________ > > > > > Let's look at source code from mainfile.php line 435 > __________________________________________ > > //Union Tap > //Copyright Zhen-Xjell 2004 http://nukecops.com > //Beta 3 Code to prevent UNION SQL Injections > > No offense, but newer versions were released. You're quoting old UT code.
Powered by blists - more mailing lists