Vulnerabilities

CVE-2008-0497

by Fred · 30/01/2008

Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS 3.31 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, which is not quoted when processing PHP_SELF.

Date published : 2008-01-30

http://www.securityfocus.com/bid/27492

http://www.securityfocus.com/archive/1/487252/100/0/threaded

Related

Tags: Cybersecurity Alert