2 matches found
CVE-2008-5039
Cross-site scripting XSS vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php...
CVE-2008-5039
Affected software: PHP-Nuke with the League module (possibly version 2.4). Vulnerability: Cross‑site scripting (XSS) via the tid parameter in a team action to modules.php. Root cause / vector: User-controlled tid value leading to script/HTML injection. Impact: Remote attacker could execute arbitr...