PHPNuke Category Parameter SQL Injection Vulnerability

Posted on Sunday, February 15, 2004 @ 14:19:00 CST in Security
by chatserv

Patch your search module:
under /* Category Selection */
add:
$category = intval($category);
and change:
$categ = "AND catid=$category ";
to:
$categ = "AND catid='$category' ";

News ©

Site Info

Anonymous

216.73.216.213
Register
Search
Login
Lost Password

Last Seen

kguske
corpse

Server Traffic

Total: 563,143,090
Today: 45,044

Server Info

May 19, 2026
07:52 am CDT

Site Navigation

Partners

NuSphere PhpED
IDE for PHP, HTML, CSS, XML, SMARTY, XHTML
Special 10% off coupon! ALL-ACT-10-O-945A4

PHPRunner - PHP form builder

CSE HTML Validator

ip address masquerading

CoffeeCup Software

phpDesigner
PHP Editor/IDE for all PHP/Web development

Recommended Sites

Old Articles

Tuesday, October 06, 2020
Thursday, December 12, 2019
- Patch, Or Your Solid State Drives Roll Over And Die
Tuesday, August 27, 2019
- Small Step Forward
Tuesday, May 14, 2019
- Pat On The Back
Friday, April 19, 2019
- Upgrade done!
Sunday, October 14, 2018
- The Very Best 4 (Active) CSS Lint Tools
Monday, August 20, 2018
- CSS Grid Layout
Saturday, December 02, 2017
- Linux Journal ceases publication, offers entire digital archive for $12
Older Articles

[ Legal Notice | Privacy Policy | Terms of Use | Comments ]

Theme by: nukecoder.com

Page Generation: 0.01 Seconds