Multiple XSS vulnerabilites in PHPNuke

[Bruno Morisson <morisson () genhex org>]

Yes, more XSS in phpnuke...

Since Francisco Bruzi didn't bother to answer to our submissions and
e-mail, as usual, here goes the full advisory.

The obvious workaround to most of the bugs is to use "strip_tags()"
everywhere.

There are probably a lot more, since these are all straight forward.

Regards

Attachment: phppuke.txt
Description: