mailing list archives
unreleased php-nuke sql injections
From: Tibor Pittich <Tibor.Pittich () phuture sk>
Date: Tue, 25 Mar 2003 17:47:28 +0100
there is three new php-nuke 6.0 sql injection vulnerabilities.
unfortunatelly, these still isn't publically announced (thanks
bugtraq..), but patches and description exists at this site:
at least one of this vulnerability is used for example by brazilian
h4x0r called himself as 'freeck', which used it to propagate image
with antiwar and '0wn3d' message.
i believe, that this message will be useful for phpnuke admins.
- unreleased php-nuke sql injections Tibor Pittich (Mar 25)