I don't know how close this resembles phpNuke in the code, but posted on phpNuke was this bug:
"I found that anyone can submit HTML tags to a Nuked site. If you put some Javascript in the text, you can do any kind of harm to the admin -- redirecting him to a bad site, or creating a thousand of browser instances for him (you can create just one instance of the same page by window.open(document.location.href) and there you are: a recursion!) Therefore, you can nuke any PHPNuke admin :-)"
Is phpWebsite vulnerable as well?
I tell you what we should do is create a list of what html we will allow and take it from there... else just put the less than and greater than signs in the database as HTML charater entities..
Agreed. We talked about this and there definately needs to be some parsing. We also need to implement the dirty-word stripping so this would be a good time to plug that feature in.
Tested this bug pretty well. Please come to our site and try to hack us :)
Adam