4 matches found
CVE-2009-4861
Cross-site scripting XSS vulnerability in shownews.php in SupportPRO SupportDesk 3.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
Cross site scripting
Cross-site scripting XSS vulnerability in shownews.php in SupportPRO SupportDesk 3.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
CVE-2009-4861
CVE-2009-4861 : A cross-site scripting (XSS) vulnerability in SupportPRO SupportDesk 3.0’s shownews.php allows injecting arbitrary script/HTML via PATH_INFO. Affected component is the shownews.php handling in SupportDesk 3.0; root cause is unvalidated PATH_INFO input leading to script injection. ...
CVE-2009-4861
Cross-site scripting XSS vulnerability in shownews.php in SupportPRO SupportDesk 3.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...