3 matches found
CVE-2005-0674
The CVE-2005-0674 entry concerns the paBox 1.6 News module, where a cross-site scripting (XSS) flaw exists in the News module’s handling of the hidden text parameter in an HTTP POST. The connected documents corroborate an XSS issue affecting paBox/Nuke-based deployments (e.g., Nessus plugin refer...
[XSS] paBox 1.6
Just wanted to let it be known seeing as i havent seen any info on this yet, ive discovered a cross scripting problem in PABox 1.6 http://phpnuke.org/modules.php?name=News&file=article&sid=5065 they give a demo page of pabox there. if you take the default form used for the shoutbox, there are...
CVE-2005-0674
Cross-site scripting XSS vulnerability in the News module for paBox 1.6 allows remote attackers to inject arbitrary web script or HTML via the text hidden parameter in an HTTP POST request...