September 27th, 2002, 02:48 AM
Another PHP-NUKE XSS Exploit
This one was found by me and is currently awating moderation on bugtraq
PHP-Nuke 6.0 [ possibly others ]
Mozilla 1.01 -->partial testing
There is another XSS vulnerability in the popular Nuke software this one being 6.0 and possibly other versions. A recent one has been reported within the search feild of the topics but this one resides in the search feild of Web Links
Depending on what browser you are using you will get different results:
Netscape 7.0 -
With netscape it will pop up a box that says testing and when you close it it just opens again. This is done several times and then it closes. Also the links below [ ie google, hotbot and some others ] The links are still links but they show some of the source of the page. Also as I said the test box comes up it appears to be for each one of these search options. It loads them one at a time and for each one it brings up the testing box.
Internet Explorer 5.5 -
This just brings up one box and when you close it is gone. Links still show some source
Not tested but expect same results
Again this just messes up the links so they show some of the source but they still are links
This actually attempts to show the pic but unsucessful , just puts the little box with a red x threw it on the page. Links are also all wacky
The picture will actually show with mozilla. Uncertain as to how the links look. had friend with mozilla check and all he said was it did show the pic
You can go to any site with PHP-NUke 6 and go to their weblink section and try it out. Or you can go to www.ersatz-crew.org and try it there. Feal free to check older version of nuke and possiby post nuke but i cannot garantee that they exist there
As i said this was submitted by me allready, First submission so I am a bit exited. Just thought I would post it here for you all as well as a heads up or for something to discuss
Violence breeds violence
we need a world court
not a republican with his hands covered in oil and military hardware lecturing us on world security!
September 27th, 2002, 06:01 PM
Very good. I've tried out the "Testing" one you made there before with some other types of searches and came up with the same thing you did, it working. I think this is a good bug to find, because it could potentially cause some trouble. Update with what they say when they read your bug on BugTraq.
September 27th, 2002, 07:24 PM
XSS bugs are bugs that are very hard to get out of your software.. There're probably many more waiting to be discovered and when those are found there will be even more in a next version. Now in this search bar it can be get out, because you don't have to put any code there, but I think XSS bugs wil exist as long as the user has the ability to put things he typed himself on a page, whatever way.