Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke INP allows remote malicious users to inject arbitrary web script or HTML via the query parameter.
source: wwwsecurityfocuscom/bid/19208/info
PHPNuke INP is prone to a cross-site scripting vulnerability that affects the 'modulesphp' script
The specific version affected is currently unknown
wwwexamplecom/[path]/modulesphp?name=Downloads&op=search&query=><script>alert('ARIA')</script><
...