CVE-2015-1052

Cross-site scripting XSS vulnerability in the poll archive in PHPKIT 1.6.6 Build 160014 allows remote attackers to inject arbitrary web script or HTML via the result parameter to uploadfiles/pk/include.php...

CMS PHPKit WCMS 1.6.6 Cross Site Scripting

Advisory: Reflecting XSS vulnerability in CMS PHPKit WCMS v. 1.6.6 Advisory ID: SROEADV-2014-07 Author: Steffen Rösemann Affected Software: CMS PHPKit WCMS v. 1.6.6 Build: 1660014 Vendor URL: http://www.phpkit.com/de/ Vendor Status: did not respond to issue CVE-ID: - ==========================...