VULHUB ™

PHP-Nuke is a popular web based Portal system. Implemented in PHP, it is available for a range of systems, including Microsoft Windows and Linux. PHP-Nuke allows users to send private messages to each other. Reportedly, it is possible to include arbitrary HTML code in these messages, including malicious JavaScript. If another user of the system views a malicious message, the script code will execute within the context of the vulnerable site. Post-Nuke has also been reported as being vulnerable to this issue.

PHP-Nuke is a popular web based Portal system. Implemented in PHP, it is available for a range of systems, including Microsoft Windows and Linux. PHP-Nuke allows users to send private messages to each other. Reportedly, it is possible to include arbitrary HTML code in these messages, including malicious JavaScript. If another user of the system views a malicious message, the script code will execute within the context of the vulnerable site. Post-Nuke has also been reported as being vulnerable to this issue.