Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 up to and including 6.0 allows remote malicious users to inject arbitrary web script or HTML via the user_avatar parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
francisco burzi php-nuke 5.2a |
||
francisco burzi php-nuke 5.3.1 |
||
francisco burzi php-nuke 5.4 |
||
francisco burzi php-nuke 5.5 |
||
francisco burzi php-nuke 5.0 |
||
francisco burzi php-nuke 5.0.1 |
||
francisco burzi php-nuke 5.6 |
||
francisco burzi php-nuke 6.0 |
||
francisco burzi php-nuke 5.1 |
||
francisco burzi php-nuke 5.2 |