2 matches found
CVE-2008-0723
Cross-site scripting XSS vulnerability in mynews.inc.php in MyNews 1.6.4, and other earlier 1.6.x versions, allows remote attackers to inject arbitrary web script or HTML via the hash parameter in an admin action to index.php, a different vulnerability than CVE-2006-2208.1...
CVE-2008-0723
CVE-2008-0723 describes a cross-site scripting (XSS) vulnerability in the PHP component mynews.inc.php used by MyNews 1.6.4 and earlier 1.6.x. The issue allows remote attackers to inject arbitrary web script or HTML via the hash parameter in an admin action to index.php. The entry explicitly note...