PHP-NUKE version <= 6.9 'cid' sql injection exploit

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: PHP-NUKE version <= 6.9 'cid' sql injection exploit
From: r00t@xxxxxxxxx
Date: Sun, 21 Dec 2003 01:36:08 +0300
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: RusH security team
Reply-to: r00t@xxxxxxxxx


PHP-NUKE version <= 6.9 'cid' sql injection exploit

----------------------
  RusH security team                        
  http://rst.void.ru
 http://www.rsteam.ru
----------------------

mailto:r00t@xxxxxxxxx


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP 8.0.2

mQGiBD8+oMARBADX7sY86saLDTZXFOqXxDfvCfFrE2PIwp+1zrY5x/W3Tp7IxatZ
3+K2++XyBY+fIUGXXssoEIBFZqACBN7GCEZ+bdLn4P+nQujst7jxMDeM9vmoVZ9r
ZuDrNSxN1iUnbbpzrHdEKKPbM1dejpkVfpP7QVDvJLw1BdpDv8hrrYOZ7QCg/2dt
j+8desyl8SbNpgwtF2Spw3MD/RqX26aGb17a23qm7emDlAYZP0hvTKDuo7cdevVc
vfocvBKAFK1zQM4sbw4CtLLG75jrNPJOb9Blxx3TDbOJ4Y9IYwScG3yE5yWzE9K6
Ayd47hCJZXVHWmvcawB+mIBR6qEnGEAwwm8hAZzwfZP6KuOP+m77JE9pD6jdHh8R
lP9fBAC8XfHdT4Qk19IHoctMOOSYlq/qDJDiHRy33sGbfKFK9oGzdbWBTtaijGa/
Ni6nSOha75e8p0ObuUcwmM2AJ25dnvdNsveqRENDPN2ksGB0WVCfaM08Gx3hqKVE
zEaChYgKLeQntMFGdz1ijAkUATvYkScPrLdqSwNpB7wj3O7KtLQcMWR0LncwbGYg
PGlkdHdvbGZAcGlzZW0ubmV0PokAVwQQEQIAFwUCPz6gwAcLCQgHAwIKAhkBBRsD
AAAAAAoJEOc7beKo+uDKKWoAoPoCU3/H90Vmi1fxrUyqXV2+xjREAKCu/p+8hnlm
KR3VZZS6E5otSZTORLkCDQQ/PqDAEAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bx
brlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJP
PT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrU
GvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVb
GI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcp
esqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAggAjS5g
+HibMlO5wn8ywIpObRLqOqbbaEvzHY8Ja5OcirXTmkPUfnlRFHguJ2MsG2PuZJK3
o8pe+w2ML5O3ZZAGkAqYay42jKuDcxsisTXKqIoFCsXE9QcSn7H381w68pGPz4cz
ZhEMzA3gRsnrdPfbmIqHoWfLgwzg14WYQiP5AvyDck2t8FImLHWBJQtrs1a2eV4N
OlvSNchOqTYNxsQOCgVEg6vHM8krgM9vb21uXUPqhSo/xxEo5nNgdFpUbgNYbU3z
rGAyUPK1ikt2E1KfCWDtKUBCMBYHi+341aq++2tZHZ3MRmml010+/zkLXdF2R8di
Q2oOf9VAZc+2CTg4ookATAQYEQIADAUCPz6gwAUbDAAAAAAKCRDnO23iqPrgyrh+
AKCPKzCodjzGep2lbt3VSkjS62e7OACgnln/OMbUHa3X99fsJNvrR+e9Uss=
=2wgM
-----END PGP PUBLIC KEY BLOCK-----

Attachment: r57nuke-cid.pl
Description: Binary data

Prev by Date: phpBB v2.06 search_id sql injection exploit
Next by Date: Re: Remote crash in tcpdump from OpenBSD
Previous by thread: Re: phpBB v2.06 search_id sql injection exploit
Next by thread: XSS vulnerability in XOOPS 2.0.5.1
Index(es):
- Date
- Thread