2 matches found
CVE-2015-1052
Cross-site scripting XSS vulnerability in the poll archive in PHPKIT 1.6.6 Build 160014 allows remote attackers to inject arbitrary web script or HTML via the result parameter to uploadfiles/pk/include.php...
CVE-2015-1052
CVE-2015-1052 is a documented XSS vulnerability in PHPKIT 1.6.6 (Build 160014), exploitable via the result parameter to upload_files/pk/include.php. Multiple trusted sources (NVD, Red Hat, CVE listings, CNVD) reiterate that PHPKIT WCMS is affected by a stored/reflected-like XSS in the poll archiv...