2 matches found
CVE-2003-1400
The CVE-2003-1400 entry describes a Cross-site scripting (XSS) vulnerability in the Your_Account module of PHP-Nuke versions 5.0 through 6.0. The issue arises from an input vector in the user_avatar parameter, allowing remote attackers to inject arbitrary web script or HTML. Affected software: PH...
CVE-2003-1400
Cross-site scripting XSS vulnerability in the YourAccount module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the useravatar parameter...