Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability
# 1  
Old 02-26-2008
S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability
The PHP-Nuke EasyContent module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. The risk is LOW. Expoiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

XSS vulnerability found via injection in the parameter address

Mods please move if posted in wrong section, I wasnt sure where to ask this one. There are several of us that use an open source program called yiimp, https://github.com/tpruvot/yiimp several of our sites were attacked last night and I am reaching out to you guys to see if then vulnerability... (0 Replies)
Discussion started by: crombiecrunch
0 Replies

2. Solaris

Installing ZIP module for PHP

Hi Guys, I am using SOLARIS 10 and I want to install ZIP module for PHP. I went to this link http://pecl.php.net/package/zip and I choose zip-1.12.3.tgz, the latest "stable" release, and then transferred it to my server. Then I went to my path /usr/local/apache2/conf then untar the... (1 Reply)
Discussion started by: Phuti
1 Replies

3. UNIX for Dummies Questions & Answers

How do I list kernel module parameter values?

Hi, I have problem with parameter configuration. My question is after the configuration, how to check if successfully change the value or not? I saw someone has the same question, and followed his steps. Original thread:... (3 Replies)
Discussion started by: skybb
3 Replies

4. UNIX for Dummies Questions & Answers

PHP Module

Ok..i've installed Apache 1.3.14, and it runs... BUT...I can't figure out how to get the php-4.0.4 module to run, and i've read through the install file and EVERYTYHING, aafter about 10 attempts I pissed myself off enough to goto sleep...Can anyone suggest a place to look for a lil bit more help?... (10 Replies)
Discussion started by: ComTec
10 Replies
Login or Register to Ask a Question

LEARN ABOUT PHP

pg_query_params

PG_QUERY_PARAMS(3)														PG_QUERY_PARAMS(3)

pg_query_params  -  Submits  a command to the server and waits for the result, with the ability to pass parameters separately from the SQL command
text.

SYNOPSIS

       resource pg_query_params ([resource  $connection], string  $query, array  $params)

DESCRIPTION

	Submits a command to the server and waits for the result, with the ability to pass parameters separately from the SQL command text.

       pg_query_params(3) is like pg_query(3), but offers additional functionality: parameter values can be specified separately from the  command
       string proper. pg_query_params(3) is supported only against PostgreSQL 7.4 or higher connections; it will fail when using earlier versions.

	If  parameters	are  used,  they  are referred to in the $query string as $1, $2, etc. The same parameter may appear more than once in the
       $query; the same value will be used in that case. $params specifies the actual values of the parameters. A NULL value in this  array  means
       the corresponding parameter is SQL NULL.

	The primary advantage of pg_query_params(3) over pg_query(3) is that parameter values may be separated from the $query string, thus avoid-
       ing the need for tedious and error-prone quoting and escaping. Unlike pg_query(3), pg_query_params(3) allows at most one SQL command in the
       given string. (There can be semicolons in it, but not more than one nonempty command.)

PARAMETERS

	      o $connection
		- PostgreSQL database connection resource. When $connection is not present, the default connection is used. The default connection
		is the last connection made by pg_connect(3) or pg_pconnect(3).

	      o $query
		- The parameterized SQL statement. Must contain only a single statement. (multiple statements separated  by  semi-colons  are  not
		allowed.) If any parameters are used, they are referred to as $1, $2, etc.  User-supplied values should always be passed as param-
		eters, not interpolated into the query string, where they form possible  SQL injection attack vectors and introduce bugs when han-
		dling data containing quotes. If for some reason you cannot use a parameter, ensure that interpolated values are properly escaped.

	      o $params
		-  An  array of parameter values to substitute for the $1, $2, etc. placeholders in the original prepared query string. The number
		of elements in the array must match the number of placeholders.  Values intended for bytea fields are not supported as parameters.
		Use pg_escape_bytea(3) instead, or use the large object functions.

RETURN VALUES

	A query result resource on success or FALSE on failure.

EXAMPLES

       Example #1

	      Using pg_query_params(3)

	      <?php
	      // Connect to a database named "mary"
	      $dbconn = pg_connect("dbname=mary");

	      // Find all shops named Joe's Widgets.  Note that it is not necessary to
	      // escape "Joe's Widgets"
	      $result = pg_query_params($dbconn, 'SELECT * FROM shops WHERE name = $1', array("Joe's Widgets"));

	      // Compare against just using pg_query
	      $str = pg_escape_string("Joe's Widgets");
	      $result = pg_query($dbconn, "SELECT * FROM shops WHERE name = '{$str}'");

	      ?>

SEE ALSO

       pg_query(3).

PHP Documentation Group 													PG_QUERY_PARAMS(3)