2 matches found
CVE-2004-2688
CVE-2004-2688 / CVE-2006-3358 describe multiple XSS vulnerabilities in NewsPHP’s index.php. The issue is triggered by unsanitized user input through the cat_id parameter (and other vectors in related CVEs), which can cause arbitrary web script/HTML to be injected and reflected in error pages. The...
CVE-2004-2688
Cross-site scripting XSS vulnerability in index.php in NewsPHP allows remote attackers to inject arbitrary web script or HTML via the catid parameter. NOTE: this issue might overlap vector 3 in CVE-2006-3358...