3 matches found
CVE-2004-1665
PsNews is affected by cross-site scripting (XSS) flaws in index.php for version 1.1 (and older than 1.2). The OpenVAS/Nessus entries describe multiple parameter XSS allowing the attacker to steal cookies from legitimate users. The root cause is described as XSS in index.php via the no parameter, ...
CVE-2004-1665
Cross-site scripting XSS vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter...
CVE-2004-1665
Cross-site scripting XSS vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter...