EUVD-2008-5018

Malware in sbrugna...

PHP-Nuke Nuke League Module 'tid' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31952/info PHP-Nuke Nuke League module is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script...

CVE-2008-5039

Cross-site scripting XSS vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php...

CVE-2008-5039

Cross-site scripting XSS vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php...

CVE-2008-5039

Affected software: PHP-Nuke with the League module (possibly version 2.4). Vulnerability: Cross‑site scripting (XSS) via the tid parameter in a team action to modules.php. Root cause / vector: User-controlled tid value leading to script/HTML injection. Impact: Remote attacker could execute arbitr...

phpnukeleague-xss.txt

IRANIAN THE BEST HACKERS IN THE WORLD XSS Vulnerability PHP-Nuke Module League team&tid AuTh0r : EhsanHp200 H0ME : www.only4-dl.tk Email : [email protected] PERSIAN GULF 4 EVER! Dork : "inurl:modules.php?name=League" Exploite: www.victim.com/modules.php?name=League&file=index&op=team&tid=Xss...