PHP-Nuke

Posted on Wednesday, November 16, 2005 @ 09:17:57 CST in Security
by Raven

qfk writes:  
TITLE: PHP-Nuke query SQL Injection Vulnerability
SECUNIA ADVISORY ID: SA17543
VERIFY ADVISORY: http://secunia.com/advisories/17543/
CRITICAL: Moderately critical
IMPACT: Manipulation of data
WHERE: From remote
SOFTWARE: PHP-Nuke 7.x - http://secunia.com/product/2385/
DESCRIPTION: sp3x has discovered a vulnerability in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "query" parameter when performing a search isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability has been confirmed in version 7.8. Other versions may also be affected.

SOLUTION: Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY: sp3x
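To make the advisory's "edit the source code to ensure that input is properly sanitised" concrete, here is an added example (not PHP-Nuke's own search code and not from the advisory) that puts the vulnerable string-concatenation pattern beside a parameterised version. It runs stand-alone against an in-memory SQLite database with a constructed `stories` table; the real PHP-Nuke schema and search handler are not assumed. The hardened version also escapes LIKE wildcards, which binding alone does not do.

```php
<?php
// Added example, not PHP-Nuke project code. Constructed "stories" table
// in an in-memory SQLite database so the script runs offline.

function makeDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE stories (sid INTEGER PRIMARY KEY, title TEXT)');
    $db->exec("INSERT INTO stories (title) VALUES "
            . "('Nuke 7.8 released'), ('Sentinel 2.4 notes'), ('100% uptime report')");
    return $db;
}

// VULNERABLE pattern (the defect class the advisory describes): the "query"
// parameter is spliced into the SQL text, so a quote in the input ends the
// string literal and whatever follows is parsed as SQL rather than as data.
function searchUnsafe(PDO $db, string $query): array
{
    $sql = "SELECT sid, title FROM stories WHERE title LIKE '%$query%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN, 1);
}

// HARDENED version: the value is bound as a parameter and is never parsed
// as SQL. The LIKE wildcards % and _ are escaped as well, so they match
// literally instead of silently widening the search.
function searchSafe(PDO $db, string $query): array
{
    $escaped = addcslashes($query, '\\%_');
    $stmt = $db->prepare(
        "SELECT sid, title FROM stories WHERE title LIKE :pattern ESCAPE '\\'"
    );
    $stmt->execute([':pattern' => '%' . $escaped . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN, 1);
}

$db = makeDb();

// Constructed input: an ordinary search term that happens to contain an
// apostrophe. The unsafe handler fails because the quote is interpreted
// as SQL; the safe handler treats it as text and simply finds no match.
$input = "O'Reilly";
try {
    searchUnsafe($db, $input);
    echo "unsafe: query ran\n";
} catch (PDOException $e) {
    echo "unsafe: SQL error, user input was parsed as SQL\n";
}
print_r(searchSafe($db, $input));   // Array ( ) : no title contains O'Reilly
print_r(searchSafe($db, '100%'));   // only the literal "100% uptime report"
```

The point of the failing unsafe call is that a mere apostrophe already changes the SQL's structure; any input that does so is evidence the value is being parsed as code. Escaping functions such as `addslashes` (common in PHP of this era) reduce but do not remove that risk, because they depend on the database's quoting rules and character set; binding the value as a parameter keeps it out of the SQL parser altogether.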

Re: PHP-Nuke (Score: 1)
by hireamerica on Wednesday, November 16, 2005 @ 10:43:32 CST

(User Info | Send a Message) http://www.hireamerica.us

Does NukeSentinel provide for relief?

Re: PHP-Nuke (Score: 1)
by Raven (raven (_AT_) ravenphpscripts (_DOT_) com) on Wednesday, November 16, 2005 @ 10:48:17 CST
(User Info | Send a Message)

Yes.

Re: PHP-Nuke (Score: 1)
by Evaders99 on Wednesday, November 16, 2005 @ 15:01:31 CST

(User Info | Send a Message) http://www.swrebellion.com

I've not been able to exploit this with the latest Patched files. It seems the query is being sanitized correctly.

Re: PHP-Nuke (Score: 1)
by kguske on Wednesday, November 16, 2005 @ 21:38:01 CST
(User Info | Send a Message)

It never ceases to amaze me that great fixes like Patched and great addons like NukeSentinel aren't incorporated into the base code. This is the kind of cr@p that has been going on for years - it just gives users of other CMS applications an excuse to point the finger of insecurity at Nuke. More importantly, it wastes the valuable time of all of us who have implemented the patches and use NukeSentinel.
