Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability
# 1  
Old 02-26-2008
S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability
The PHP-Nuke EasyContent module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. The risk is LOW. Expoiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

XSS vulnerability found via injection in the parameter address

Mods please move if posted in wrong section, I wasnt sure where to ask this one. There are several of us that use an open source program called yiimp, https://github.com/tpruvot/yiimp several of our sites were attacked last night and I am reaching out to you guys to see if then vulnerability... (0 Replies)
Discussion started by: crombiecrunch
0 Replies

2. Solaris

Installing ZIP module for PHP

Hi Guys, I am using SOLARIS 10 and I want to install ZIP module for PHP. I went to this link http://pecl.php.net/package/zip and I choose zip-1.12.3.tgz, the latest "stable" release, and then transferred it to my server. Then I went to my path /usr/local/apache2/conf then untar the... (1 Reply)
Discussion started by: Phuti
1 Replies

3. UNIX for Dummies Questions & Answers

How do I list kernel module parameter values?

Hi, I have problem with parameter configuration. My question is after the configuration, how to check if successfully change the value or not? I saw someone has the same question, and followed his steps. Original thread:... (3 Replies)
Discussion started by: skybb
3 Replies

4. UNIX for Dummies Questions & Answers

PHP Module

Ok..i've installed Apache 1.3.14, and it runs... BUT...I can't figure out how to get the php-4.0.4 module to run, and i've read through the install file and EVERYTYHING, aafter about 10 attempts I pissed myself off enough to goto sleep...Can anyone suggest a place to look for a lil bit more help?... (10 Replies)
Discussion started by: ComTec
10 Replies
Login or Register to Ask a Question

LEARN ABOUT PHP

sqlsrv_query

SQLSRV_QUERY(3) 														   SQLSRV_QUERY(3)

sqlsrv_query - Prepares and executes a query.

SYNOPSIS

       mixed sqlsrv_query (resource  $conn, string  $sql, [array  $params], [array  $options])

DESCRIPTION

	Prepares and executes a query.

PARAMETERS

	      o $conn
		- A connection resource returned by sqlsrv_connect(3).

	      o $sql
		- The string that defines the query to be prepared and executed.

	      o $params
		- An array specifying parameter information when executing a parameterized query. Array elements can be any of the following:

		     oA literal value

		     oA PHP variable

		     oAn array with this structure: array($value [, $direction [, $phpType [, $sqlType]]])

	       The following table describes the elements in the array structure above:

	      Array structure

	      +----------------------+---------------------------------------------------+
	      |       Element	     |							 |
	      | 		     |							 |
	      | 		     |			  Description			 |
	      | 		     |							 |
	      +----------------------+---------------------------------------------------+
	      |       $value	     |							 |
	      | 		     |							 |
	      | 		     | A literal value, a PHP variable, or a PHP by-ref- |
	      | 		     | erence variable. 				 |
	      | 		     |							 |
	      |$direction (optional) |							 |
	      | 		     |							 |
	      | 		     | One of the following  SQLSRV  constants	used  to |
	      | 		     | indicate    the	  parameter    direction:   SQL- |
	      | 		     | SRV_PARAM_IN,	   SQLSRV_PARAM_OUT,	    SQL- |
	      | 		     | SRV_PARAM_INOUT.   The	default  value	is  SQL- |
	      | 		     | SRV_PARAM_IN.					 |
	      | 		     |							 |
	      | $phpType (optional)  |							 |
	      | 		     |							 |
	      | 		     | A SQLSRV_PHPTYPE_* constant  that  specifies  PHP |
	      | 		     | data type of the returned value. 		 |
	      | 		     |							 |
	      | $sqlType (optional)  |							 |
	      | 		     |							 |
	      | 		     | A  SQLSRV_SQLTYPE_*  constant  that specifies the |
	      | 		     | SQL Server data type of the input value. 	 |
	      | 		     |							 |
	      +----------------------+---------------------------------------------------+
	      o $options
		- An array specifing query property options. The supported keys are described in the following table:

	      Query Options

	      +-----------------------+--------------------------------------+---+
	      | 	Key	      | 				     |	 |
	      | 		      | 				     |	 |
	      | 		      | 	       Values		     |	 |
	      | 		      | 				     |	 |
	      | 		      | 	    Description 	     |	 |
	      | 		      | 				     |	 |
	      +-----------------------+--------------------------------------+---+
	      |     QueryTimeout      | 				     |	 |
	      | 		      | 				     |	 |
	      | 		      |      A positive integer value.	     |	 |
	      | 		      | 				     |	 |
	      | 		      | Sets the query timeout	in  seconds. |	 |
	      | 		      | By  default,  the  driver  will wait |	 |
	      | 		      | indefinitely for results.	     |	 |
	      | 		      | 				     |	 |
	      |SendStreamParamsAtExec | 				     |	 |
	      | 		      | 				     |	 |
	      | 		      | 				     |	 |
	      | 		      | TRUE or FALSE (the default is TRUE)  |	 |
	      | 		      | 				     |	 |
	      | 		      | Configures the driver  to  send  all |	 |
	      | 		      | stream data at execution ( TRUE), or |	 |
	      | 		      | to send  stream  data  in  chunks  ( |	 |
	      | 		      | FALSE). By default, the value is set |	 |
	      | 		      | to TRUE. For more  information,  see |	 |
	      | 		      | sqlsrv_send_stream_data(3).	     |	 |
	      | 		      | 				     |	 |
	      |      Scrollable       | 				     |	 |
	      | 		      | 				     |	 |
	      | 		      | SQLSRV_CURSOR_FORWARD,	 SQLSRV_CUR- |	 |
	      | 		      | SOR_STATIC,   SQLSRV_CURSOR_DYNAMIC, |	 |
	      | 		      | or SQLSRV_CURSOR_KEYSET 	     |	 |
	      | 		      | 				     |	 |
	      | 		      | See  Specifying  a  Cursor  Type and |	 |
	      | 		      | Selecting Rows in the Microsoft SQL- |	 |
	      | 		      | SRV documentation.		     |	 |
	      | 		      | 				     |	 |
	      +-----------------------+--------------------------------------+---+
RETURN VALUES

	Returns a statement resource on success and FALSE if an error occurred.

EXAMPLES

       Example #1

	      sqlsrv_query(3) example

	      <?php
	      $serverName = "serverNamesqlexpress";
	      $connectionInfo = array( "Database"=>"dbName", "UID"=>"username", "PWD"=>"password" );
	      $conn = sqlsrv_connect( $serverName, $connectionInfo);
	      if( $conn === false ) {
		   die( print_r( sqlsrv_errors(), true));
	      }

	      $sql = "INSERT INTO Table_1 (id, data) VALUES (?, ?)";
	      $params = array(1, "some data");

	      $stmt = sqlsrv_query( $conn, $sql, $params);
	      if( $stmt === false ) {
		   die( print_r( sqlsrv_errors(), true));
	      }
	      ?>

NOTES

	For  statements  that you plan to execute only once, use sqlsrv_query(3). If you intend to re-execute a statement with different parameter
       values, use the combination of sqlsrv_prepare(3) and sqlsrv_execute(3).

SEE ALSO

       sqlsrv_prepare(3), sqlsrv_execute(3).

PHP Documentation Group 													   SQLSRV_QUERY(3)