Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability
# 1  
Old 02-26-2008
S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability
The PHP-Nuke EasyContent module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. The risk is LOW. Expoiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

XSS vulnerability found via injection in the parameter address

Mods please move if posted in wrong section, I wasnt sure where to ask this one. There are several of us that use an open source program called yiimp, https://github.com/tpruvot/yiimp several of our sites were attacked last night and I am reaching out to you guys to see if then vulnerability... (0 Replies)
Discussion started by: crombiecrunch
0 Replies

2. Solaris

Installing ZIP module for PHP

Hi Guys, I am using SOLARIS 10 and I want to install ZIP module for PHP. I went to this link http://pecl.php.net/package/zip and I choose zip-1.12.3.tgz, the latest "stable" release, and then transferred it to my server. Then I went to my path /usr/local/apache2/conf then untar the... (1 Reply)
Discussion started by: Phuti
1 Replies

3. UNIX for Dummies Questions & Answers

How do I list kernel module parameter values?

Hi, I have problem with parameter configuration. My question is after the configuration, how to check if successfully change the value or not? I saw someone has the same question, and followed his steps. Original thread:... (3 Replies)
Discussion started by: skybb
3 Replies

4. UNIX for Dummies Questions & Answers

PHP Module

Ok..i've installed Apache 1.3.14, and it runs... BUT...I can't figure out how to get the php-4.0.4 module to run, and i've read through the install file and EVERYTYHING, aafter about 10 attempts I pissed myself off enough to goto sleep...Can anyone suggest a place to look for a lil bit more help?... (10 Replies)
Discussion started by: ComTec
10 Replies
Login or Register to Ask a Question

LEARN ABOUT PHP

sql-acceptable-by-4d

SQL-ACCEPTABLE-BY-4D(3) 						 1						   SQL-ACCEPTABLE-BY-4D(3)

SQL acceptable by 4D - PDO and SQL 4D

	4D  implements	strictly  the  ANSI  89 standard, and have it enforced. It is highly recommended to read the 4D SQL documentation to learn
       about the available commands. The URL of the manual is : http://doc.4d.com/. Below is a list of 4D SQL characteristics: it is  not  exhaus-
       tive, but may serve as an introduction.

       Characteristics of 4D SQL

       +-------------------------------------+--------------------------------------+---+
       |	  Characteristics	     |					    |	|
       |				     |					    |	|
       |				     |		   Alternative		    |	|
       |				     |					    |	|
       |				     |		       Note		    |	|
       |				     |					    |	|
       +-------------------------------------+--------------------------------------+---+
       |	      INTEGER		     |					    |	|
       |				     |					    |	|
       |				     |	    Modify the SQL to use INT.	    |	|
       |				     |					    |	|
       |				     | INT is the supported integer type in |	|
       |				     | 4Dv12.0. 			    |	|
       |				     |					    |	|
       |		CHAR		     |					    |	|
       |				     |					    |	|
       |				     |	       Use VARCHAR instead.	    |	|
       |				     |					    |	|
       |				     |	      Unsupported in 4Dv12.0	    |	|
       |				     |					    |	|
       |	       UNION		     |					    |	|
       |				     |					    |	|
       |				     | Unsupported. Make separate queries.  |	|
       |				     |					    |	|
       |				     |	      Unsupported in 4Dv12.0	    |	|
       |				     |					    |	|
       |	   SELECT 1 + 1;	     |					    |	|
       |				     |					    |	|
       |				     |	 SELECT 1 + 1 FROM _USER_SCHEMAS;   |	|
       |				     |					    |	|
       |				     |		 FROM is required	    |	|
       |				     |					    |	|
       |	       FLOAT		     |					    |	|
       |				     |					    |	|
       |				     | Cast the FLOAT value into a FLOAT or |	|
       |				     | STRING,	with  an  SQL  4D  function |	|
       |				     | (CAST, ROUND, TRUNC or TRUNCATE)     |	|
       |				     |					    |	|
       |				     | Unsupported in current  versions  of |	|
       |				     | the PDO_4D driver		    |	|
       |				     |					    |	|
       |	   Strong typing	     |					    |	|
       |				     |					    |	|
       |				     | Take  care  your  SQL query, or your |	|
       |				     | PHP  code  provides  data  with	the |	|
       |				     | expected type			    |	|
       |				     |					    |	|
       |				     |	One  must  provide  the  right type |	|
       |				     | that 4D expect. One can't insert '1' |	|
       |				     | (as a string) in an INTEGER column.  |	|
       |				     |					    |	|
       |PDO.execute(row)(3)  : only works if |					    |	|
       |all the table's column are  of	type |					    |	|
       |TEXT or VARCHAR 		     |					    |	|
       |				     |					    |	|
       |				     | Use the prepared statements, and use |	|
       |				     | the right types. 		    |	|
       |				     |					    |	|
       |				     | The PDO extension  cast	all  values |	|
       |				     | through	execute()  as  string,	and |	|
       |				     | expect the SQL database to parse the |	|
       |				     | values.				    |	|
       |				     |					    |	|
       |       SELECT NULL FROM TABLE	     |					    |	|
       |				     |					    |	|
       |				     | Do  not	use NULL constants. Extract |	|
       |				     | them from the table		    |	|
       |				     |					    |	|
       |				     | It is not allowed to  use  the  NULL |	|
       |				     | constant in the select list	    |	|
       |				     |					    |	|
       |    SELECT * FROM TABLE WHERE 1      |					    |	|
       |				     |					    |	|
       |				     |		 Use WHERE 1 = 1	    |	|
       |				     |					    |	|
       |				     | A  constant can't be used in a WHERE |	|
       |				     | clause				    |	|
       |				     |					    |	|
       |	    SHOW TABLES 	     |					    |	|
       |				     |					    |	|
       |				     |		Use system tables	    |	|
       |				     |					    |	|
       |				     |	The list of tables, schemas, index, |	|
       |				     | etc.  are  in  these system tables : |	|
       |				     | _USER_TABLES,	     _USER_COLUMNS, |	|
       |				     | _USER_INDEXES,	 _USER_CONSTRAINTS, |	|
       |				     | _USER_IND_COLUMNS,   _USER_CONS_COL- |	|
       |				     | UMNS, and _USER_SCHEMAS. 	    |	|
       |				     |					    |	|
       |      SQL structure delimiter	     |					    |	|
       |				     |					    |	|
       |				     |	Use  the following function to pro- |	|
       |				     | tect    SQL    elements:    function |	|
       |				     | sqlEscapeElement(elem)  { return '[' |	|
       |				     | .  str_replace(']',']]',  $elem)   . |	|
       |				     | ']'; }				    |	|
       |				     |					    |	|
       |				     |	To   escape   SQL   elements  names |	|
       |				     | (tables,  fields,   users,   groups, |	|
       |				     | schema,	 primary  key,	etc.),	the |	|
       |				     | whole  identifier  must	be  between |	|
       |				     | square  brackets,  and  the  closing |	|
       |				     | brackets ']' must be doubled.	    |	|
       |				     |					    |	|
       +-------------------------------------+--------------------------------------+---+
PHP Documentation Group 												   SQL-ACCEPTABLE-BY-4D(3)