COMMAND

	PHP-Nuke remote SQL injection leads to DoS

SYSTEMS AFFECTED

	All PHP-Nuke versions, including the just released 6.0

PROBLEM

	Pedro Inacio says :
	

	If you create a short script, to send a few  requests,  (I  have  tested
	with just 6) similar to this:
	

	http://www.nukesite.com/modules.php?name=News&file=article&sid=1234%20or%201=1

	

	

	after a real short time the load of the machine is so high that it  will
	become inacessible. When the script is stopped, the server will  take  a
	few minutes to recover from the load and become acessible again.

SOLUTION

	?