Vulnerability Development mailing list archives
Phpnuke Cross site scripting vulnerability
From: Cabezon Aurélien <aurelien.cabezon () isecurelabs com>
Date: Mon, 3 Dec 2001 01:40:13 +0100
Hi nuke webmasters, Phpnuke cross site scripting vulnerability Affected version : 5.3.1 and prior perhaps other...perhaps all PostNuke affected too. No more explanation, it is enough with cross site scripting...i'm bored with CSS vuln ;) http://www.phpnuke.org/user.php?op=userinfo&uname=<script>alert(document.coo kie);</script> This is an other way to stole cookies as i explain in my previous post but without using IE 5.5 vulnerability. http://www.isecurelabs.com/article.php?sid=230 regards, --- Cabezon Aurélien http://www.iSecureLabs.com
Current thread:
- Phpnuke Cross site scripting vulnerability Cabezon Aurélien (Dec 03)