CVE-2010-4913
The OpenVAS entry confirms that ColdGen ColdUserGroup is prone to both Cross-Site Scripting (XSS) and SQL Injection vulnerabilities. The CVE-2010-4913 entry describes an XSS flaw in the search feature of ColdGen ColdUserGroup 1.06, exploitable via the Keywords parameter to inject arbitrary script...