|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 61
Members: 0
Total: 61
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Possible bug in phpnuke.org (PHP-Nuke 7.9) |
|
Posted: Tue Dec 27, 2005 6:53 am |
|
|
badfilms_software |
Beginner |
|
|
Joined: Jan 29, 2005 |
Posts: 3 |
|
|
|
|
|
|
|
OK, Go Here:
http://phpnuke.org/modules.php?name=Search
Next, search this string
<iframe src=http://phpnuke.org/phpinfo.php
...
Now, you can see an iframe in the search string:
... more
Didn't find what you're looking for?
Search "<IFRAME> Code: | Not Found
The requested URL /phpinfo.php</b was not found on this server.</IFRAME> |
|
|
|
|
|
|
cool! |
|
Posted: Tue Dec 27, 2005 9:15 am |
|
|
Pi3cH |
Regular user |
|
|
Joined: Dec 15, 2005 |
Posts: 7 |
|
|
|
|
|
|
|
use:
Code: | <IMG SRC="jav	ascript:alert('XSS');" |
i think the preg_match only search for < ends with > if we use tags with out > all of them works properly:
Code: | <IMG SRC=`javascript:alert("www.kapda.ir, 'XSS'")` |
|
|
|
|
|
|
Re: cool! |
|
Posted: Tue Dec 27, 2005 11:45 am |
|
|
cXIb8O3 |
Active user |
|
|
Joined: Feb 17, 2005 |
Posts: 26 |
Location: Poland<>Luxembourg |
|
|
|
|
|
|
Pi3cH wrote: | use:
Code: | <IMG SRC="jav	ascript:alert('XSS');" |
i think the preg_match only search for < ends with > if we use tags with out > all of them works properly:
Code: | <IMG SRC=`javascript:alert("www.kapda.ir, 'XSS'")` |
|
http://securityreason.com/achievement_securityalert/28
solusion:
example eregi("<[^>]*script*\"?[^>]*", $secvalue)
but better htmlspecialchars.. because any tags like (<IFRAME) are block.. |
|
|
|
|
Posted: Tue Dec 27, 2005 3:45 pm |
|
|
Pi3cH |
Regular user |
|
|
Joined: Dec 15, 2005 |
Posts: 7 |
|
|
|
|
|
|
|
oh! advisory reportet by you !
yes htmlspecialchars good solution.
is there any bug for this function of php? (nowdays many webapplications use it) |
|
|
|
|
www.waraxe.us Forum Index -> PhpNuke
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|