2 matches found
CVE-2006-1846
Cross-site scripting XSS vulnerability in the YourAccount module in PHP-Nuke 7.8 might allows remote attackers to inject arbitrary HTML and web script via the ublock parameter, which is saved in the user's personal menu. NOTE: the provenance of this information is unknown; the details are obtaine...
CVE-2006-1846
The CVE-2006-1846 entry concerns a cross-site scripting (XSS) issue in PHP-Nuke 7.8 within the Your_Account module. The vulnerability stems from the ublock parameter, which is stored in the user’s personal menu, allowing remote attackers to inject arbitrary HTML/JavaScript. The available document...