CVE-2008-5211
Sphider 1.3.4 is vulnerable to a cross-site scripting (XSS) flaw in search.php when the search suggestion feature is enabled. The issue is triggered via the query parameter and allows injection of arbitrary script/HTML. Several connected sources (OpenVAS tests and upstream CVE records) confirm th...