Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Phpnuke Cross site scripting vulnerability

Phpnuke Cross site scripting vulnerability

From: Cabezon Aurélien <aurelien.cabezon_at_isecurelabs.com>
Date: Mon, 3 Dec 2001 01:40:13 +0100

Hi nuke webmasters,

Phpnuke cross site scripting vulnerability
Affected version : 5.3.1 and prior perhaps other...perhaps all
PostNuke affected too.

No more explanation, it is enough with cross site scripting...i'm bored with
CSS vuln ;)
http://www.phpnuke.org/user.php?op=userinfo&uname=<script>alert(document.coo
kie);</script>

This is an other way to stole cookies as i explain in my previous post but
without using IE 5.5 vulnerability.
http://www.isecurelabs.com/article.php?sid=230

regards, 

---
Cabezon Aurélien
http://www.iSecureLabs.com
Received on Dec 03 2001
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos