CVE-2008-0497
The CVE-2008-0497 entry concerns Nucleus CMS 3.31, where an XSS vulnerability exists in action.php. The underlying issue is that PATH_INFO is not quoted when PHP_SELF is processed, enabling remote attackers to inject arbitrary web script or HTML. The affected component is action.php within Nucleu...