Info

Disclosure

Jan 09, 2006

Discovery

Nov 21, 2005

Dates

Exploit

Jan 09, 2006

Solution

Unknown

Description

PHPNuke EV contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'modules/Search/index.php' script not properly sanitizing user-supplied input to the 'query' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Public
OSVDB: Web Related

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

PHP-Nuke

PHPNuke EV

7.7

References

Bugtraq ID: 16186
Secunia Advisory ID: 18394
CVE ID: 2006-0163 (see also: NVD)
Other Advisory URL: http://lostmon.blogspot.com/2006/01/phpnuke-ev-77-search-module-query.html
Vendor URL: http://nukevolution.com/
Packet Storm: http://packetstormsecurity.org/0601-advisories/sa18394.txt

Credit

Lostmon Lords - Lostmongmail.com -

Direct URL: http://osvdb.org/36218