2 matches found
CVE-2004-0737
Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary web script or HTML via the 1 sid, 2 max, 3 sel1, 4 sel2, 5 sel3, 6 sel4, 7 sel5, 8 match, 9 mod1, 10 mod2, or 11 mod3 parameters...
CVE-2004-0737
CVE-2004-0737 concerns Php-Nuke’s Search module (index.php). The advisory notes multiple cross-site scripting vulnerabilities exploitable through 11 parameters (sid, max, sel1–sel5, match, mod1–mod3), allowing remote injection of arbitrary script/HTML. The root cause implied is insufficient input...