Signature Detail

HTTP: PostNuke modules.php Arbitrary SQL Command Injection

This signature detects directory traversal attempts against the modules.php script included with PostNuke. PostNuke versions 0.723 and earlier are vulnerable. Attackers can send a maliciously crafted request to the modules.php to traverse the directory structure and execute SQL queries to the PostNuke database.

Extended Description

A SQL injection vulnerability has been reported for PHP-Nuke 5.6. The vulnerability is due to insufficient sanitization of variables used to construct SQL queries in some scripts. It is possible to modify the logic of SQL queries through malformed query strings in requests for the vulnerable script. By injecting SQL code into variables, it may be possible for an attacker to corrupt database information.

Affected Products

• Francisco Burzi PHP-Nuke 5.6.0

References

• BugTraq: 6088
• CVE: CVE-2002-1242
• URL: http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0117.html
• URL: http://securitytracker.com/alerts/2004/Jan/1008629.html