5 lines
No EOL
505 B
Text
Executable file
5 lines
No EOL
505 B
Text
Executable file
source: http://www.securityfocus.com/bid/7194/info
|
|
|
|
It has been reported that an input validation error exists in the 'viewforum.php' script included with PHPNuke as part of the Forum module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to inject SQL commands and queries into the SQL database used by PHPNuke.
|
|
|
|
http://www.example.com/modules.php?op=modload&name=Forums&file=viewforum&forum='%20OR%201=1%20INTO%20OUTFILE%20'[/path]/vf.txt'/* |