PHP-Nuke 6.6 is susceptible to a SQL injection attack and leakage of password hashes (if MySQL 4.x is used) due to a lack of filtering in modules.php.
8e248486260fdb6ff3e17c1fe17edbf7d696f730b4799b527c732a1a621fe5a4
Version: PHP-Nuke 6.6
Language: PHP
Web site: phpnuke.org
Status: Vendor has been notified
There's an SQL injection hole in modules.php.
http://phpnuke.org/modules.php?name=Downloads&d_op=viewdownload&cid=59%20or%20cid=2
This is from not filtering 'cid', it should be checked that it is only numeric with is_numeric(). This hole could allow viewing of password hashes if the database is mysql 4.x.
This may effect other versions.