NooMS 1.1 - smileys.php page_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/31131/info NooMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browse...

CVE-2008-4179

Multiple cross-site scripting XSS vulnerabilities in NooMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter to smileys.php and the 2 q parameter to search.php...