You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 61 guest(s) and 3 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - Top_Sites Module warning [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

Top_Sites Module warning
 
Post new topic  Reply to topicprinter-friendly view Nuke Cops Forum Index » Bug Reports
View previous topic Log in to check your private messages View next topic
Author Message
sixonetonoffun
Major
Major


Joined: Jan 13, 2003
Posts: 892
PostPosted: Fri Jan 24, 2003 8:54 am Reply with quoteBack to top
Top_Sites is a nice very basic mod of weblinks provided by PHP-Nuke Algerie
http://phpnuke-dz.com/

There is a flaw in this module that allows any logged in user to delete any "Top Site" they choose simply by entering this url with the lid# of the "Top Site" they wish to delete.
top.html_Site&op=dellink&lid=1

Notified PHP-Nuke Algerie today.

Maybe this was sposed to be a future feature Razz

_________________
www.netflake.com
www.glowoptics.com
Find all posts by sixonetonoffunView user's profileSend private message
sixonetonoffun
Major
Major


Joined: Jan 13, 2003
Posts: 892
PostPosted: Fri Jan 24, 2003 10:21 am Reply with quoteBack to top
Simple temp patch

modules/Top_Sites/index.php
Find:
Code:

function dellink($lid) {
    global $prefix, $dbi, $user;
   if (is_user($user)) {
   


Replace with

Code:

function dellink($lid) {
    global $prefix, $dbi, $admin;
   if (is_admin($admin)) {
   

_________________
www.netflake.com
www.glowoptics.com
Find all posts by sixonetonoffunView user's profileSend private message
Zhen-Xjell
Nuke Cops Founder
Nuke Cops Founder


Joined: Nov 14, 2002
Posts: 5939
PostPosted: Fri Jan 24, 2003 10:35 am Reply with quoteBack to top
Ouch, that was sloppy coding on their part. Nice catch. Consider posting that at nuke's news?

_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki]
Find all posts by Zhen-XjellView user's profileSend private messageSend e-mailVisit poster's website
sixonetonoffun
Major
Major


Joined: Jan 13, 2003
Posts: 892
PostPosted: Sat Jan 25, 2003 3:40 pm Reply with quoteBack to top
Author released an "Official Patch" here:
http://phpnuke-dz.com/modules.php?name=News&file=article&sid=31
I didn't get a chance to look at it but the dell function was rewritten I'll test it out again this evening.

~Peter

_________________
www.netflake.com
www.glowoptics.com
Find all posts by sixonetonoffunView user's profileSend private message
sixonetonoffun
Major
Major


Joined: Jan 13, 2003
Posts: 892
PostPosted: Sun Jan 26, 2003 6:31 am Reply with quoteBack to top
New bug with the Top_Sites 1.0.1 post previous patch.

This is more serious. This allows logged in user to pass java script to the admin when admin goes to check new link submissions.

Expoit:
Code:

<SCRIPT>alert("Filter This!");</SCRIPT dummy_flag = true>


Notified author expect new patch or version release correcting this bug in the near future. Though author has not replied directly regarding any bug reports submitted.

Note* This does not effect the web links module which properly squashes this kind of simple script!

~Peter

_________________
www.netflake.com
www.glowoptics.com
Find all posts by sixonetonoffunView user's profileSend private message
Zhen-Xjell
Nuke Cops Founder
Nuke Cops Founder


Joined: Nov 14, 2002
Posts: 5939
PostPosted: Sun Jan 26, 2003 2:02 pm Reply with quoteBack to top
Ah, I understand now.

_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki]
Find all posts by Zhen-XjellView user's profileSend private messageSend e-mailVisit poster's website
sixonetonoffun
Major
Major


Joined: Jan 13, 2003
Posts: 892
PostPosted: Sat Feb 15, 2003 9:40 am Reply with quoteBack to top
Today sid from http://phpnuke-dz.com/ gave me the opportunity to preview and test Top Site 1.2 beta. I must say he has made many enhancements to the module and its looking very good. I submitted some XSS patches to him today and would expect the next release to be much safer, stable, and functional the the initial release. He's put a lot into this next release and I'm looking forward to its public release.

~Peter

_________________
www.netflake.com
www.glowoptics.com
Find all posts by sixonetonoffunView user's profileSend private message
Display posts from previous:      
Post new topic  Reply to topicprinter-friendly view Nuke Cops Forum Index » Bug Reports
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by · TOGETHER TEAM srl ITALY http://www.togetherteam.it · DONDELEO E-COMMERCE http://www.DonDeLeo.com
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.203 Seconds - 350 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::