CVE-2013-7289
The CVE identifies multiple cross-site scripting (XSS) vulnerabilities in Andy’s PHP Knowledgebase (Aphpkb) before version 0.95.8, exploitable via the register.php endpoint. Specifically, the first_name, last_name, email, or username parameters can be injected with malicious script/HTML to affect...