PHPDeveloper: PHP News, Views and Community

Subscribe

@phpdeveloper.org

News Archive

Community News: Latest PECL Releases (06.17.2025)

Community News: Latest PECL Releases (06.10.2025)

Community News: Latest PECL Releases (06.03.2025)

Community News: Latest PECL Releases (05.27.2025)

Community News: Latest PEAR Releases (05.26.2025)

Community News: Latest PECL Releases (05.20.2025)

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.06.2025)

Community News: Latest PECL Releases (04.29.2025)

Community News: Latest PECL Releases (04.22.2025)

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Community News:
Vulnerabilities in PHP-Nuke

byChris Cornutt May 07, 2004 @ 12:33:34

In a new security advisory posted late yesterday, Secunia has a few new issues with PHP-Nuke (v6.x and v7.x):

If error messages hasn't been turned off in PHP, the "Downloads" module will return error messages if an invalid value is supplied to the "show" parameter. This can be exploited to reveal the installation path.
Input passed to the "ttitle" and "sid" parameters in the "Downloads" module isn't properly verified before it is returned to the user. This can be exploited to execute arbitrary HTML or script code in a user's browser session in context of an affected site by tricking the user into visiting a malicious website or follow a specially crafted link.
Input passed to the "orderby" and "sid" parameters in the "Downloads" module isn't properly verified before it is used in an SQL insert query. This can be exploited by malicious people to manipulate SQL queries by injecting arbitrary SQL code.
My personal favorite - the solution: Use another product. Somehow, I think most of the PHP community could have told you that...

Thanks to PHPMagazine for the link.

tagged:

Link: