Bugtraq mailing list archives

Re: [waraxe-2006-SA#046] - Critical sql injection in phpNuke 7.5-7.8

From: sp3x () securityreason com
Date: 21 Feb 2006 10:56:21 -0000

SecurityReason Note :
=====================
 http://securityreason.com/achievement_securityalert/27

The adv was posted on : 15.11.2005
Exploit for this issue also was realised : http://securityreason.com/achievement_exploitalert/5

And the fix too : http://securityreason.com/patch/6

More informations :
CVE : CAN-2005-3792 or CVE-2005-3792 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3792
http://secunia.com/advisories/17543/

This issue was not documented on http://securityfocus.com/bid
becuse you didn't found it on the List.

Current thread:

[waraxe-2006-SA#046] - Critical sql injection in phpNuke 7.5-7.8 come2waraxe (Feb 20)
- <Possible follow-ups>
- Re: [waraxe-2006-SA#046] - Critical sql injection in phpNuke 7.5-7.8 sp3x (Feb 21)