BID:12561

PHP-Nuke Multiple Cross-Site Scripting Vulnerabilities

Info

PHP-Nuke Multiple Cross-Site Scripting Vulnerabilities

Bugtraq ID:	12561
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Feb 15 2005 12:00AM
Updated:	Feb 15 2005 12:00AM
Credit:	Discovery of these vulnerabilities is credited to Janek Vind 'waraxe'.
Vulnerable:	Francisco Burzi PHP-Nuke 7.6 Francisco Burzi PHP-Nuke 7.3 Francisco Burzi PHP-Nuke 7.2 Francisco Burzi PHP-Nuke 7.1 Francisco Burzi PHP-Nuke 7.0 FINAL Francisco Burzi PHP-Nuke 7.0 Francisco Burzi PHP-Nuke 6.9 Francisco Burzi PHP-Nuke 6.7 Francisco Burzi PHP-Nuke 6.6 Francisco Burzi PHP-Nuke 6.5 RC3 Francisco Burzi PHP-Nuke 6.5 RC2 Francisco Burzi PHP-Nuke 6.5 RC1 Francisco Burzi PHP-Nuke 6.5 FINAL Francisco Burzi PHP-Nuke 6.5 BETA 1 Francisco Burzi PHP-Nuke 6.5 Francisco Burzi PHP-Nuke 6.0

Not Vulnerable:

Discussion

PHP-Nuke Multiple Cross-Site Scripting Vulnerabilities

It is reported that PHP-Nuke is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input.

These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials

Exploit / POC

PHP-Nuke Multiple Cross-Site Scripting Vulnerabilities

The following examples are available:

http://www.example.com/nuke75/modules.php?name=Downloads&d_op=NewDownloads&newdownloadshowdays=[xss code here]
http://www.example.com/nuke75/modules.php?name=Web_Links&l_op=NewLinks&newlinkshowdays=[xss code here]

Solution / Fix

PHP-Nuke Multiple Cross-Site Scripting Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

References

PHP-Nuke Multiple Cross-Site Scripting Vulnerabilities

References:

PHPNuke INP Homepage (PHPNuke INP)