SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Web Server/CGI)  >   PHP-Nuke Vendors:   Phpnuke.org
PHP-Nuke Displays User-Supplied HTML Without Escaping The Code, Facilitating Cross-Site Scripting Attacks
SecurityTracker Alert ID:  1002884
SecurityTracker URL:  http://securitytracker.com/id/1002884
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Dec 3 2001
Impact:   Execution of arbitrary code via network

Version(s): 5.3.1 and prior versions
Description:   iSecureLabs.com has reported a vulnerability in PHP-Nuke. A remote user can conduct a cross-site scripting attack using PHP-Nuke and may be able to access another user's cookies or sensitive information.

PHP-Nuke will reportedly display user-supplied HTML code, allowing cross-site scripting attacks. A remote user can supply another user (the victim) with an HTML link that, when executed, will cause Javascript code to run on the victim's web browser. The code will appear to originate from a web site running PHP-Nuke and will run in the security context assigned to that potentially trusted web site. The Javascript could access the victim's cookies associated with that web site.

The following type of URL can be used to trigger the vulnerability:

http://[website]/user.php?op=userinfo&uname=<script>alert(document.cookie);</script>
Impact:   A remote user can cause Javascript code to run on another user's browser such that the code will appear to originate from a potentially trusted web site running PHP-Nuke.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.phpnuke.org/ (Links to External Site)
Cause:   Input validation error
Underlying OS:   Linux (Any), UNIX (Any)

Message History:   None.

 Source Message Contents
Date:  Sun, 02 Dec 2001 21:07:32 -0500
Subject:  Phpnuke Cross site scripting vulnerability


Hi nuke webmasters,

Phpnuke cross site scripting vulnerability
Affected version : 5.3.1 and prior perhaps other...perhaps all
PostNuke affected too.

No more explanation, it is enough with cross site scripting...i'm bored
with CSS vuln ;)
http://www.phpnuke.org/user.php?op=userinfo&uname=<script>alert(document.coo
kie);</script>

This is an other way to stole cookies as i explain in my previous post
but without using IE 5.5 vulnerability.
http://www.isecurelabs.com/article.php?sid=230

regards,

---
Cabezon Aurélien
http://www.iSecureLabs.com


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC