3 matches found
CVE-2010-2356
Cross-site scripting XSS vulnerability in subscribe.php in Pilot Group PG eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the courseid parameter...
CVE-2010-2356
Cross-site scripting XSS vulnerability in subscribe.php in Pilot Group PG eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the courseid parameter...
CVE-2010-2356
CVE-2010-2356 affects Pilot Group (PG) eLMS Pro: XSS in subscribe.php, exploitable via the course_id parameter. Root cause is reflected/script injection in the course_id handling. The NVD notes a CVSSv2 base score of 4.3 (Medium) with network attack vector, no authentication, and partial integrit...