Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: General :: web5712.htm

PHP-Nuke remote SQL injection leads to DoS



26th Sep 2002 [SBWID-5712]
COMMAND

	PHP-Nuke remote SQL injection leads to DoS

SYSTEMS AFFECTED

	All PHP-Nuke versions, including the just released 6.0

PROBLEM

	Pedro Inacio says :
	

	If you create a short script, to send a few  requests,  (I  have  tested
	with just 6) similar to this:
	

	http://www.nukesite.com/modules.php?name=News&file=article&sid=1234%20or%201=1

	

	

	after a real short time the load of the machine is so high that it  will
	become inacessible. When the script is stopped, the server will  take  a
	few minutes to recover from the load and become acessible again.

SOLUTION

	?


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH