Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   


Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker

Category:   Application (Web Server/CGI)  >   PHP-Nuke Vendors:
PHP-Nuke Cross-site Scripting Flaw in Private Messages Lets Remote Users Steal PHP-Nuke User Cookies
SecurityTracker Alert ID:  1003781
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Mar 11 2002
Impact:   Disclosure of authentication information, Execution of arbitrary code via network
Exploit Included:  Yes  
Version(s): 5.5 and prior versions
Description:   A cross-site scripting vulnerability was reported in PHP-Nuke in the Private Messages function. A valid and authenticated remote user can potentially steal the cookies of another registered PHP-Nuke user and gain access to that user's account.

It is reported that the Private Messages function, which allows registered users on the site to send messages to the other registered users on that site, fails to filter HTML messages. A valid and authenticated remote user can send a private message containing HTML with embedded javascript so that the javascript will be executed by the recipient's browser when the message is viewed. The code will run in the security context of the PHP-Nuke site and will therefore be able to access the target user's cookies associated with the PHP-Nuke site.

A demonstration exploit script is provided:


If the remote user obtains the target (victim) user's cookies, the remote user may be able to access the target user's account on the PHP-Nuke site.

Impact:   A valid and authenticated remote user can conduct cross-site scripting attacks against other PHP-Nuke user's to potentially steal their cookies assoicated with the PHP-Nuke web site.
Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.

 Source Message Contents

Subject:  Cross Site Scripting Vulnerability in PHP-Nuke

PHP-Nuke is a PHP based portal management system used at thousands of
sites. A Cross Site Scripting vulnerability has been discovered in the
PHP-Nuke version 5.5 and prior versions. There is a function called
Private Messages in PHP-Nuke by which the registered users of the site
can send messages to the other registered users of site. A user can also
send a HTML formatted message and can even embed JavaScript in it.
Now, if the user sends a malicious JavaScript embedded message to
someone then the JavaScript would be executed on the receiver's browser.

-------------Sample Message----------------

You have been screwed!



Thus it also allows an attacker to reveal the critical information such
as cookies related to that site and get hold on his account even on
admin. Get this and more at


Hacker Gurus:: Geeks With Attitude
Sign up now to recieve all the latest news and updates right in your

Do You Yahoo!?
Get your free address at


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

Copyright 2017, LLC