[27201] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

PHP-Nuke x.x AND PostNuke SQL Injection

daemon@ATHENA.MIT.EDU (Pedro Inacio)
Thu Sep 26 16:27:19 2002

Date: 26 Sep 2002 18:48:02 -0000
Message-ID: <20020926184802.17307.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Pedro Inacio <pedro.inacio@ptnix.com>
To: bugtraq@securityfocus.com

Hello again,

just to say that PostNuke ( fork of PHP-Nuke ) is vulnerable to the same
bugs
AND
it is possible to inject different SQL code in order to do other "funny" 
but "dangerous" things.

Note to the guys of those projects:
Filter those URL entries!!!

Cheers,

Pedro Inacio


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[27201] in bugtraq

PHP-Nuke x.x AND PostNuke SQL Injection

daemon@ATHENA.MIT.EDU (Pedro Inacio)Thu Sep 26 16:27:19 2002

daemon@ATHENA.MIT.EDU (Pedro Inacio)
Thu Sep 26 16:27:19 2002