[41774] in bugtraq


Re: XSS bypass in PHPNuke - FIX ?

daemon@ATHENA.MIT.EDU (Paul Laudanski)
Wed Dec 21 15:59:58 2005

Date: Mon, 19 Dec 2005 19:14:40 -0500 (EST)
From: Paul Laudanski <zx@castlecops.com>
To: SecurityReason - sp3x <sp3x@securityreason.com>
Cc: bugtraq@securityfocus.com
In-Reply-To: <200512200024000804.005AB064@smtp.securityreason.com>
Message-ID: <Pine.LNX.4.44.0512191906340.21856-100000@bugsbunny.castlecops.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Tue, 20 Dec 2005, SecurityReason - sp3x wrote:

> Hi Paul
> Do you have any idea how to fix or update the phpnuke filter against the XSS that my friend discovered?
> We were working with chaserv from nukefixes.com on this fix...
> But as you wrote on bugtraq, the fix is not very good...
> 
> Any idea for a good fix ??
> 
> BTW : is http://castlecops.com working with the phpnuke team ??
> just asking :)

Hi'ya, as per my previous post you can use htmlspecialchars or 
htmlentities.  So in this case take the query and run it through 
htmlspecialchars:

$query = htmlspecialchars($query);

... _before_ you do anything with it like displaying the query back to the 
user.

-- Paul Laudanski, Microsoft MVP Windows-Security 
[cal] http://events.castlecops.com 
[de] http://de.castlecops.com 
[en] http://castlecops.com 
[wiki] http://wiki.castlecops.com 
[family] http://cuddlesnkisses.com
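
The advice in the reply above, encoding the query right before it is echoed back, shown as an added example that is not part of the original message and is not PHP-Nuke code. The helper names `h()` and `render_search_echo()` and the sample inputs are assumptions made for illustration; the flags are passed explicitly because the one-argument call on older PHP versions leaves single quotes unencoded.

```php
<?php
// Added example, not PHP-Nuke code. h() and render_search_echo() are
// hypothetical names chosen for this illustration.

/** Encode a value for use in HTML text or inside a quoted attribute value. */
function h(string $value): string
{
    // ENT_QUOTES encodes both ' and ", so the result stays inert inside
    // single- or double-quoted attributes. ENT_SUBSTITUTE replaces invalid
    // byte sequences with U+FFFD instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Echo the search query back to the user in a text and an attribute context. */
function render_search_echo(string $query): string
{
    // Encode at the point of output; the raw $query is kept unchanged for
    // any other use, such as the search itself.
    $safe = h($query);

    // Defensive check: no markup or quote character may survive encoding.
    if (strpbrk($safe, "<>\"'") !== false) {
        throw new RuntimeException('unencoded markup character in output');
    }

    return "<p>Results for: <em>{$safe}</em></p>\n"
         . "<input type='text' name='query' value='{$safe}'>\n";
}

// Constructed sample inputs (not taken from the original report).
$samples = [
    'plain words',
    '<script>alert(1)</script>',
    'it\'s a "quoted" term',
    "bad \xC3\x28 bytes",   // invalid UTF-8 sequence
];

foreach ($samples as $query) {
    echo render_search_echo($query), "\n";
}
```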



