lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: 1 Aug 2007 15:58:47 -0000
Subject: PHP-Nuke (ALL versions) Multiple XSS and HTML injection

PHP-Nuke ALL versions Search Module multiple XSS and HTML injection

The well-known PHP-Nuke CMS is vulnerable to multiple XSS attacks and HTML injections through the Search Module.

The request is made using POST, but the whole process can be automatized creating an ad-hoc page to send to the victim with an auto-submitting forum using POST as method and the vulnerable URL ( as ACTION.

Both the XSS and the HTML injection work on IE 6/7 and Firefox (ALL versions), with every server and php.ini configuration.

You may use the following queries for testing.


<img src= style=display:none onerror=XSS_HERE <
<iframe src= style=display:none onload=XSS_HERE <

For example:

<img src= style=display:none onerror=alert(document.cookie) <
<iframe src= style=display:none onload=alert(document.cookie) <

*HTML injection*:


<meta http-equiv=refresh content=1;url= <

Obviosuly, using XSS a malicious hacker can obtain some sensitive and confidential information like cookies, or set up a phishing attack.


Powered by blists - more mailing lists