2 matches found
CVE-2008-3574
Multiple cross-site scripting XSS vulnerabilities in Pluck 4.5.2, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 langfooter parameter to a data/inc/footer.php; the 2 pluckversion, 3 langinstall22, 4 titelkop, 5 langkop1, 6 langkop2, 7...
CVE-2008-3574
CVE-2008-3574 describes multiple cross-site scripting (XSS) vulnerabilities in Pluck 4.5.2 when register_globals is enabled. Attackers can inject arbitrary script/HTML via numerous parameters across data/inc/footer.php, data/inc/header.php, data/inc/header2.php, and data/inc/themeinstall.php (e.g...