PHPNuke holes

From: frog frog (leseulfrog@hotmail.com)
Date: 12/15/01

Previous message: G.Borglum: "HP-UX setuid rlpdaemon induced to make illicit file writes"
Next in thread: rolphin: "Re: PHPNuke holes"
Reply: rolphin: "Re: PHPNuke holes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 15 Dec 2001 01:47:27 -0000
From: frog frog <leseulfrog@hotmail.com>
To: bugtraq@securityfocus.com

('binary' encoding is not supported, stored as-is)

Here a few holes that i've found in PHPNuke.
5 Cross Site Scripting.

http://phpnuke.org/modules.php?
name=Downloads&d_op=viewdownloaddetails&lid=0
2&ttitle=[JAVASCRIPT]

http://phpnuke.org/modules.php?
name=Downloads&d_op=ratedownload&lid=118&ttitle
=[JAVASCRIPT]

http://phpnuke.org/modules.php?
op=modload&name=Members_List&file=index&letter
=[JAVASCRIPT]

http://phpnuke.org/submit.php?subject=
[JAVASCRIPT]&story=[JAVASCRIPT]&storyext=
[JAVASCRIPT]&op=Preview

http://phpnuke.org/user.php?op=userinfo&uname=
[JAVASCRIPT] ==> This hole was not found by
Aurelien Cabezon.

and /admin.php?upload=Go! who's the same that
upload=1 .

frog-man

Previous message: G.Borglum: "HP-UX setuid rlpdaemon induced to make illicit file writes"
Next in thread: rolphin: "Re: PHPNuke holes"
Reply: rolphin: "Re: PHPNuke holes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Another Scripting Hole In Microsoft IE Exposes Local Files
... >know that if you are using IE with javascript etc. default settings on, ... How many hackers bother trying to attack Opera, as related to how many try to ... Number of holes found does not equal number of holes to be found. ... Fax/Voice +1258-9858 | read details of WFTPD Pro for NT. ...
(comp.security.misc)
PHPNuke Cross Scripting...
... Here a few holes that i've found in PHPNuke. ... "Cross Site Scripting". ... =[JAVASCRIPT] ...
(Vuln-Dev)
[[ TH 026 Inc. ]] SA #2 - IcrediBB 1.1, Cross Site Scripting vulnerability.
... Impact: Medium ... Vendor has been notified of all issues ... A Cross Site Scripting has been found due to insufficient checking of user ... things in MSIE * with evil javascript. ...
(Bugtraq)
Re: outlook express and zone alarm (free version)
... Cross site scripting - follow all the pointers in this article. ... Javascript worm that attaches porn site link to every OE email sent. ... "The vast majority of Internet users have ...
(comp.security.firewalls)
Re: outlook express and zone alarm (free version)
... Cross site scripting - follow all the pointers in this article. ... Javascript worm that attaches porn site link to every OE email sent. ... "The vast majority of Internet users have ...
(comp.security.firewalls)