2 matches found
CVE-2010-2717
Cross-site scripting XSS vulnerability in manager/login.php in CruxSoftware CruxCMS 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the txtusername parameter...
CVE-2010-2717
CruxCMS 3.0 (CruxSoftware) is affected in manager/login.php via the txtusername parameter, enabling Cross-Site Scripting (XSS). The CVE-2010-2717 entry is supported by multiple sources (NVD, OpenVAS NASL, HTBridge) describing an input sanitation flaw that lets remote attackers inject arbitrary sc...