Home page logo

fulldisclosure logo Full Disclosure mailing list archives

unreleased php-nuke sql injections
From: Tibor Pittich <Tibor.Pittich () phuture sk>
Date: Tue, 25 Mar 2003 17:47:28 +0100


there is three new php-nuke 6.0 sql injection vulnerabilities.
unfortunatelly, these still isn't publically announced (thanks
bugtraq..), but patches and description exists at this site:

at least one of this vulnerability is used for example by brazilian
h4x0r called himself as 'freeck', which used it to propagate image
with antiwar and '0wn3d' message.

i believe, that this message will be useful for phpnuke admins.

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]