--Security Report-- Advisory: MyPHPNuke <= 1.8.8 multiple XSS vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 24/02/06 05:56 PM --- Contacts:{ ICQ: 10072 MSN/Email: nukedx@nukedx.com Web: http://www.nukedx.com } --- Vendor: MPN (www.myphpnuke.com) Version: 1.8.8 and prior versions must be affected. About: Via this method remote attacker can make malicious links for clicking and when victim clicks this links victim's browser would be inject with XSS. Level: Harmless --- How&Example: GET -> http://[site]/reviews.php?op=reviews&letter=[XSS] EXAMPLE -> http://[site]/reviews.php?op=reviews&letter= GET -> http://[site]/download.php?sortby=&dcategory=[XSS]&sortby= EXAMPLE -> http://[site]/download.php?sortby=&dcategory= -- Timeline: * 24/02/2006: Vulnerability found. * 24/02/2006: Contacted with vendor and waiting reply. -- Original advisory: http://www.nukedx.com/?viewdoc=12