Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) News Modules in Php-Nuke allow remote malicious users to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php-nuke news module |
||
php-nuke pool module |