Re: PHP-Nuke v5.6 - Users can compromise admin accts

From: Ravish. (ravishat_private)
Date: Fri Aug 16 2002 - 21:55:15 PDT

Next message: Stan Bubrouski: "Advisory: Bonsai XSS and Physical Path Revealing Vulnerabilities"

Previous message: Hector A. Paterno: "Information disclosure on mod_auth ( apache 1.3.26 ) ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) I already brought light on this issue few months back. I contacted the author through Private Message but never got a reply. The similar issue also exists in Post Nuke (http://www.postnuke.com). See http://www.securitytracker.com/alerts/2002/Mar/1003781.html and http://packetstorm.decepticons.org/0203-exploits/php-nuke.5.5.css.txt for more info.

Next message: Stan Bubrouski: "Advisory: Bonsai XSS and Physical Path Revealing Vulnerabilities"
Previous message: Hector A. Paterno: "Information disclosure on mod_auth ( apache 1.3.26 ) ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 19 2002 - 16:31:10 PDT