 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| |
|
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9145
 People Online:
 Visitors: 589
 Members: 0
 Total: 589
|
|
|
|
|
|
PacketStorm News |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
You can get 7.4 at my site www.nukescripts.info  |
|
|
|
|
Its out on SF and a fix was released when the report was released
http://www.nukescripts.info/modules.php?name=Forums&file=viewtopic&t=44#562 |
|
|
|
|
Ok i've tested this report on nuke 6.9 and 7.3 and heres my 2 cents
A1 - full path disclosure in "/modules/Search/index.php":
Go to search page:
http://localhost/nuke73/modules.php?name ... |
|
|
|
|
The instory seems to be affecting only 7.* versions, i search 6.9 and it seems just right
also i released http://www.nukecops.com/postt31532.html when i saw the report at SF, hope u dont mind ... |
|
|
|
|
No need for irony, heh
try this on a non patched phpnuke site index.php?content=%253cscript>alert%2528document.cookie);%253c/script>
You will see that you are getting the cookies in a ... |
|
|
|
|
| Even if it's a local variable, it still can be used for XSS |
|
|
|
|
I was working on my new project and i found that the $content var in several blocks doesn't get parse correctly.
what i mean?
Open block-Survey.php and you will see:
$content .= "<form ... |
|
|
|
|
and about the $admin or $user exploits
#############################################################
#--------------- Base64 sanitize by Waraxe -----------------
if(isset($admin))
... |
|
|
|
|
| i agree with u, but what about new ones? |
|
|
|
|
i've just started messing with ps so don't be 2 hard with me
http://xeronet.org/uploads/genoxide/waraxe1.gif |
|
|
|
|
| i've sentinel (latest version) on all of my nuke sites and i didn't have any problem with it, its secure,fast and reliable |
|
|
|
|
so if we replace
the old
if (!eregi("admin.php", $_SERVER['SCRIPT_NAME'])) { die ("Access Denied"); }
or
if (!eregi(" ... |
|
|
|
|
also about the fix in the modules.php
about the $name fix
$modpath .= "modules/$name/".$file.".php";
if (file_exists($modpath)) {
how can the 'xploi ... |
|
|
|
|
Well i'm currently working on a new project of mine and i got cs permission to work with his fixes for phpnuke.
i came across with some of the fixes waraxe made in article.php
// start code fix ... |
|
|
| Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
