PHP Nuke Nederland
  
•   Home  •  Downloads  •  Your Account  •  Forums  •
Navigation
 Home
· Search
· Recommend Us
· Feedback
· Top 10
· Web Links
· Statistics
 News
· Topics
· Stories Archive
· Submit News
 Members
· Your Account
· Private Messages
· Members List
 Downloads
· Downloads
· Most popular
 Forum
· Forums
· Forum Search
· Forum FAQ
· Forum Rules
 Documentation
 Site Info
· Legal Notices
· Disclaimer
· Privacy
· Terms of Use
Languages
Kies interface taal:

Dutch English
Sentinel
· 64.72.54.*
· 97.77.52.*
· 67.48.118.*
· 190.56.164.*
· 70.26.145.*
· 70.63.214.*
· 97.78.5.*
· 71.81.120.*
· 216.246.60.*
· 71.109.164.*
NukeSentinel(tm)
Caught by Sentinel
You have been warned!
We have caught 1403 shameful hackers.
NukeSentinel(tm)
Kalender
<< december 2008 >>

z m d w d v z
  123456
78910111213
14151617181920
21222324252627
28293031     

Security: PHP-Nuke XSS vulnerabilities - 6.x-7.6
SecurityTwee nieuwe lekken in de PHP-Nuke core kan leiden tot zgn. cross-site-scripting attacks:


Meer info...


Bron: http://www.waraxe.us

Full path disclosure and XSS in PhpNuke 6.x-7.6

Author: Janek Vind "waraxe"
Date: 14. February 2005
Location: Estonia, Tartu
Web: http://www.waraxe.us/advisory-40.html


Target software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Php-Nuke is a popular opensource content management system, written in php by
Francisco Burzi. This CMS is used on many thousands websites, because it's
freeware, easy to install and manage and has broad set of features.

Homepage: http://phpnuke.org


Vulnerabilities:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


A - Full Path Disclosure
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A1 - full path disclosure in "db/db.php":

http://localhost/nuke75/db/db.php

Fatal error: Cannot instantiate non-existent class:
sql_db in D:apache_wwwroot
uke75dbdb.php
on line 86


A2 - full path disclosure in "mainfile.php":

http://localhost/nuke75/index.php?inside_mod=1

Warning: main(../../config.php): failed to open stream:
No such file or directory in D:apache_wwwroot
uke75mainfile.php
on line 103

Fatal error: main(): Failed opening required '../../config.php'
(include_path='.;c:php4pear') in D:apache_wwwroot
uke75mainfile.php
on line 10


A3 - full path disclosure in "modules/Downloads/index.php":

http://localhost/nuke75/modules.php?name=Downloads&d_op=menu

error: Call to undefined function: opentable() in
D:apache_wwwroot
uke75modulesDownloadsindex.php on line 75



A4 - full path disclosure in "modules/Web_Links/index.php":

http://localhost/nuke75/modules.php?name=Web_Links&l_op=menu

Fatal error: Call to undefined function: opentable() in
D:apache_wwwroot
uke75modulesWeb_Linksindex.php on line 65



B - Cross-Site Scripting aka XSS
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

B1 - xss in "/modules/Downloads/index.php":

http://localhost/nuke75/modules.php?name=Downloads&d_op=NewDownloads
&newdownloadshowdays=[xss code here]


B2 - xss in "/modules/Web_Links/index.php":

http://localhost/nuke75/modules.php?name=Web_Links&l_op=NewLinks
&newlinkshowdays=[xss code here]



How to fix:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


How to fix those bugs - http://www.waraxe.us/forums.html


Additional resources:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Base64 encoder and decoder - http://base64-encoder-online.waraxe.us/

SiteMapper - free php script for phpNuke powered websites -
new version 0.2 available for download - http://sitemapper.waraxe.us/


Greetings:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Greets to icenix, Raido Kerna, g0df4th3r and slimjim100!
Tervitused - Heintz!

Contact:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

come2waraxe@yahoo.com
Janek Vind "waraxe"

Homepage: http://www.waraxe.us/

Andere links:
http://secunia.com/advisories/14289/
http://www.securityfocus.com/bid/12561/info/


Fixes:
http://www.waraxe.us/ftopict-491.html#1937 http://www.nukefixes.com/ftopict-1273.html#3909
Geplaatst op Woensdag 16 februari 2005 door BlueLion
 
Gerelateerde links
· Meer over Security
· Berichten door BlueLion
Meest gelezen bericht in de categorie Security:
Nuke Sentinel 2.0.2
Waardering
Gemiddeld: 0
Stemmen: 0

Bericht waarderen:

Uitstekend
Zeer Goed
Goed
Gewoon
Slecht
Opties

 Printervriendelijke pagina Printervriendelijke pagina

Web site powered by PHP-Nuke

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2004-2008 by BlueLion.
SEO enhanced with the Sitemapper script
You can syndicate our news using the file backend.php or ultramode.txt
Powered by PHP Powered by MySQL Apache Webserver Valid robots.txt
PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Pagina rendering: 0.10 seconden


[Valid News RSS]

RSS Feeds:
[RSS 2.0 News Feed]
[RSS 2.0 Download Feed]
[RSS 2.0 Forum Feed]
[RSS 2.0 Link Feed]
:: fisubsilver shadow phpbb2 style by Daz :: PHP-Nuke theme by BlueLion ::