Sunday, March 06, 2005
Multiple Vulnerabilities in PHP-Nuke (db.php, index.php, Downloads, Web_Links)
Summary
PHP-Nuke is "a popular open source content management system, written in PHP by Francisco Burzi. This CMS is used on many thousands websites, because it's freeware, easy to install and manage and has broad set of features". Multiple vulnerabilities were found in PHP-Nuke that result in Path Disclosure and Cross Site Scripting.
Credit:
The information has been provided by Janek Vind. The original article can be found at: waraxe.us
Details
Vulnerable Systems:
* PHP-Nuke version 6.0 up to version 7.6
Path Disclosure:
There are several path disclosure issues in PHP-Nuke, triggered when any of the following sample URLs is accessed:
http://localhost/nuke75/db/db.php
http://localhost/nuke75/index.php?inside_mod=1
http://localhost/nuke75/modules.php?name=Downloads&d_op=menu
http://localhost/nuke75/modules.php?name=Web_Links&l_op=menu
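A check a site operator can run over saved responses for the URLs above to see whether PHP error output still shows filesystem paths. This is an added example, not part of the original advisory; the response bodies are constructed samples in PHP's standard error layout, and the names `find_path_disclosures` and `audit` are hypothetical.

```python
import re
from html import unescape

# PHP's standard error layout, with html_errors on:
#   <b>Warning</b>:  message in <b>/path/file.php</b> on line <b>12</b>
# and the same text without the <b> tags when html_errors is off.
PHP_ERROR = re.compile(
    r"(?:<b>)?(?P<level>Fatal error|Parse error|Warning|Notice)(?:</b>)?:[ \t]+"
    r"[^\r\n]*?[ \t]+in[ \t]+(?:<b>)?"
    r"(?P<path>(?:/|[A-Za-z]:[\\/])[^<\r\n]*?)(?:</b>)?"
    r"[ \t]+on line[ \t]+(?:<b>)?(?P<line>\d+)"
)


def find_path_disclosures(body):
    """Return (level, path, line) for every PHP error in body that shows a server path."""
    return [
        (m.group("level"), unescape(m.group("path")), int(m.group("line")))
        for m in PHP_ERROR.finditer(body)
    ]


def audit(responses):
    """Map each URL to the paths its body leaks; URLs with a clean body are left out."""
    report = {}
    for url, body in responses.items():
        hits = find_path_disclosures(body)
        if hits:
            report[url] = hits
    return report


# Constructed bodies (not captured from a real PHP-Nuke install), keyed by URLs from the list above.
SAMPLE_RESPONSES = {
    "http://localhost/nuke75/db/db.php": (
        "<br />\n<b>Fatal error</b>:  Call to undefined function: constructed_example() in "
        "<b>/var/www/html/nuke75/db/db.php</b> on line <b>44</b><br />\n"
    ),
    "http://localhost/nuke75/index.php?inside_mod=1": (
        "Warning: constructed example message in "
        "C:\\apache\\htdocs\\nuke75\\index.php on line 12\n"
    ),
    # What the same request looks like once errors are no longer sent to the client.
    "http://localhost/nuke75/modules.php?name=Downloads&d_op=menu": "<html><body>Downloads</body></html>",
}

if __name__ == "__main__":
    for url, hits in audit(SAMPLE_RESPONSES).items():
        for level, path, line in hits:
            print(f"{url}: {level} discloses {path} (line {line})")
```

An empty report is what a server running with `display_errors = Off` in php.ini should produce for these requests.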
Cross Site Scripting
There are two parameters in the modules.php file that are vulnerable to Cross Site Scripting attacks: