• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

PHPNuke Multiple Script Code Filtering Vulnerabilities

PHPNuke is a web based Portal system. Implemented in PHP, it is available for a range of systems, including Unix, Linux, and Microsoft Windows.

Multiple script code vulnerabilities have been discovered in various PHPNuke features. These problem could potentially result in the execution of arbitrary code within the context of the vulnerable website. Exploitation of this issue may allow remote attackers to steal user's cookie-based authentication credentials, or launch other attacks.