Full Disclosure mailing list archives
unreleased php-nuke sql injections
From: Tibor Pittich <Tibor.Pittich () phuture sk>
Date: Tue, 25 Mar 2003 17:47:28 +0100
hello there is three new php-nuke 6.0 sql injection vulnerabilities. unfortunatelly, these still isn't publically announced (thanks bugtraq..), but patches and description exists at this site: http://www.phpsecure.info/ at least one of this vulnerability is used for example by brazilian h4x0r called himself as 'freeck', which used it to propagate image with antiwar and '0wn3d' message. i believe, that this message will be useful for phpnuke admins.
Attachment:
_bin
Description:
Current thread:
- unreleased php-nuke sql injections Tibor Pittich (Mar 25)
- Re: unreleased php-nuke sql injections yossarian (Mar 25)
- Re: unreleased php-nuke sql injections fnab (Mar 25)
- Re: unreleased php-nuke sql injections Tibor Pittich (Mar 25)
- Re: unreleased php-nuke sql injections yossarian (Mar 25)