Hi nuke webmasters, Phpnuke cross site scripting vulnerability Affected version : 5.3.1 and prior perhaps other...perhaps all PostNuke affected too. No more explanation, it is enough with cross site scripting...i'm bored with CSS vuln ;) http://www.phpnuke.org/user.php?op=userinfo&uname=<script>alert(document.coo kie);</script> This is an other way to stole cookies as i explain in my previous post but without using IE 5.5 vulnerability. http://www.isecurelabs.com/article.php?sid=230 regards, --- Cabezon Aurélien http://www.iSecureLabs.com
