Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

PHPNUKE 6 XSS Vulnerabilities

From: Mark Grimes <mark () stateful net>
Date: Tue, 24 Sep 2002 11:37:06 -0700
http://www.phpnuke.org/modules.php?name=Search

Enter: ><script>alert(document.cookie);</script>
in form, click Search.

Needless to say these bugs won't go away.

The vendor WOULD HAVE been contacted if they just gave an email address
without having to subscribe to nukesupport/phpnuke - maybe I don't use it.

Likewise the author of PHP-NUKE has a submission form for bug reporting
(buried in a FAQ for unsubscribed people -- why do I need to dig for a
contact address?), but that also has a XSS vulnerability - *SIGH*
Nor HTML nor plain text will do through the submission form without the
javascript being executed or stripped.  Instead of implying &gt's and
&lt's in an email, I am posting here.

-- 
Mark Grimes <mark () stateful net>
Stateful Labs
Previous By Date Next
Previous By Thread Next

Current thread: