2 matches found
CVE-2010-2318
Cross-site scripting XSS vulnerability in cmsdata.php in PHPCityPortal 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter...
CVE-2010-2318
PHPCityPortal 1.3 has a Cross-site scripting (XSS) vulnerability in cms_data.php, exploitable via the page parameter to inject arbitrary script/HTML. This is caused by unsanitized input passed to the page parameter, enabling remote attackers to execute embedded scripts in the victim’s browser. Mu...