cross site scripting htmltonuke

From: jocanor jocanor (jocanor2002at_private)
Date: Sat Jul 12 2003 - 10:02:52 PDT

    I found a bug in some versions of htmltonuke.
    
    Servers with php-nuke installed are not vulnerable.
    
    Some versions of htmltonuke only have permission to access html files, 
    but if you type the script before an invalid html file, the script is 
    executed.
    
    exploit:
    
    http://www.example.com/htmltonuke.php?filnavn=[SCRIPT]%20example.html
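
A defensive handling of the `filnavn` parameter described above, as an added example; it is not htmltonuke's code and not part of the original post. The content directory, the helper names and the error message (including where the vulnerable script reflects the value) are assumptions.

```php
<?php
// Added example: hypothetical handler, not htmltonuke's actual source.
// Assumption: the script takes a file name in `filnavn`, reads that file
// from a fixed content directory, and reports an error when it is invalid.

const CONTENT_DIR = __DIR__ . '/html';   // assumed location of the HTML files

/** Escape any value before it is written into an HTML response. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Return the absolute path for a requested file, or null if the name
 * is not a plain *.html / *.htm file name inside CONTENT_DIR.
 */
function resolve_html_file(string $name): ?string
{
    // Allow-list: letters, digits, dot, underscore, hyphen; must end in .htm(l).
    // Rejects spaces, angle brackets, quotes, slashes and NUL bytes.
    if (!preg_match('/\A[A-Za-z0-9_-][A-Za-z0-9._-]{0,99}\.html?\z/', $name)) {
        return null;
    }
    $base = realpath(CONTENT_DIR);
    $path = realpath(CONTENT_DIR . '/' . $name);
    // realpath() fails for missing files; also confirm the file stays inside the base dir.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0
        || !is_file($path)) {
        return null;
    }
    return $path;
}

$requested = $_GET['filnavn'] ?? '';
if (!is_string($requested)) { $requested = ''; }   // filnavn[]=... arrives as an array

$path = resolve_html_file($requested);
header('Content-Type: text/html; charset=UTF-8');
if ($path === null) {
    http_response_code(404);
    // Assumed vulnerable pattern: echo "Cannot open $requested"; (raw reflection)
    echo '<p>Cannot open file: ' . h($requested) . '</p>';
    exit;
}
readfile($path);
```

Either control alone closes the reflection: the allow-list rejects a value containing markup before the file name, and the escaping keeps any rejected value inert when it is echoed back.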
    


