BugTraq
Back to list
|
Post reply
cross site scripting htmltonuke
Jul 12 2003 05:02PM
jocanor jocanor (jocanor2002 hotmail com)
I find a bug in some versions of htmltonuke.
servers with php-nuke installed are not vulnerables
some versions of htmltonuke only have permisions to acces to html files,
but if you tipe the script before a invalid html file, the script are
executed.
exploit:
http://www.example.com/htmltonuke.php?filnavn=[SCRIPT]%20example.html
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
I find a bug in some versions of htmltonuke.
servers with php-nuke installed are not vulnerables
some versions of htmltonuke only have permisions to acces to html files,
but if you tipe the script before a invalid html file, the script are
executed.
exploit:
http://www.example.com/htmltonuke.php?filnavn=[SCRIPT]%20example.html
[ reply ]