OSVDB ID: 9161 Title: PHP-Nuke PhotoADay Module pad_selected Parameter XSS |
Info |
|
|
Dates |
||||
|
|
Description |
The 'PhotoADay' module for PHP-Nuke contains an input validation flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the pad_selected variable submitted to the PhotoADay script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
Classification |
Location:
Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation Impact: Loss of Confidentiality, Loss of Integrity Exploit: Exploit Public Disclosure: OSVDB Verified OSVDB: Web Related |
Solution |
Currently, there are no known upgrades or patches to correct this issue. The vendor has been contacted. It is possible to correct the flaw by implementing the following workaround(s): Modify the code: unset($matches); unset($loc); if (preg_match("/([OdWo5NIbpuU4V2iJT0n]) /", rawurldecode($loc=$_SERVER["QUERY_STRING"]), $matches)) { die("YOU ARE SLAPPED BY <a href=\"http://nukecops.com\">NUKECOPS</a> BY USING '$matches[1]' INSIDE '$loc'."); } to use strip_tags() like this: unset($matches); unset($loc); if (preg_match("/([OdWo5NIbpuU4V2iJT0n]) /", rawurldecode($loc=strip_tags($_SERVER["QUERY_STRING"])), $matches)) { die("YOU ARE SLAPPED BY <a href=\"http://nukecops.com\">NUKECOPS</a> BY USING '$matches[1]' INSIDE '$loc'."); } Alternativley disable use of the PhotoADay module. |
Products |
|
References |
|
Credit |
|
hotmail.com - Q8Crackers Crew