[23514] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

PHPNuke holes

daemon@ATHENA.MIT.EDU (frog frog)
Sat Dec 15 15:42:45 2001

Date: 15 Dec 2001 01:47:27 -0000
Message-ID: <20011215014727.4789.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: frog frog <leseulfrog@hotmail.com>
To: bugtraq@securityfocus.com

Here a few holes that i've found in PHPNuke.
5 Cross Site Scripting.

http://phpnuke.org/modules.php?
name=Downloads&d_op=viewdownloaddetails&lid=0
2&ttitle=[JAVASCRIPT]

http://phpnuke.org/modules.php?
name=Downloads&d_op=ratedownload&lid=118&ttitle
=[JAVASCRIPT]

http://phpnuke.org/modules.php?
op=modload&name=Members_List&file=index&letter
=[JAVASCRIPT]

http://phpnuke.org/submit.php?subject=
[JAVASCRIPT]&story=[JAVASCRIPT]&storyext=
[JAVASCRIPT]&op=Preview

http://phpnuke.org/user.php?op=userinfo&uname=
[JAVASCRIPT] ==> This hole was not found by 
Aurelien Cabezon.

and /admin.php?upload=Go! who's the same that 
upload=1 .

frog-man


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[23514] in bugtraq

PHPNuke holes

daemon@ATHENA.MIT.EDU (frog frog)Sat Dec 15 15:42:45 2001

daemon@ATHENA.MIT.EDU (frog frog)
Sat Dec 15 15:42:45 2001