CVE-2008-5039
Affected software: PHP-Nuke with the League module (possibly version 2.4). Vulnerability: Cross‑site scripting (XSS) via the tid parameter in a team action to modules.php. Root cause / vector: User-controlled tid value leading to script/HTML injection. Impact: Remote attacker could execute arbitr...