PHP-Nuke 'friend.php' Module Allows Cross-Site Scripting Attacks
|
|
SecurityTracker Alert ID: 1003048 |
|
SecurityTracker URL: http://securitytracker.com/id/1003048
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Dec 24 2001
|
Impact:
Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network
|
Exploit Included: Yes
|
|
Description:
A cross-site scripting vulnerability was reported in the PHP-Nuke 'friend.php' module. A remote user can write HTML code containing malicious javascript that, if executed on another user's browser, will execute in the security zone of a web site running PHP-Nuke.
The code may be able to access the target user's cookies associated with the web site running PHP-Nuke.
The following is demonstration exploit code:
http://[host]/friend.php?op=SiteSent&fname=[SCRIPT]
|
Impact:
A remote user can conduct a cross-site scripting attack and may be able to gain access to another user's cookies associated with a web site running PHP-Nuke.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.phpnuke.org/ (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
Linux (Any), UNIX (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: 20 Dec 2001 15:06:50 -0000
Subject: 1 last CSS hole in PHPNuke :)
|
He's on
http://www.host.com/friend.php?op=SiteSent&fname=
[SCRIPT]
...
frog-m@n
|
|
