CVE-2009-3513
Pilot Group (PG) eTraining is affected by multiple XSS vulnerabilities. The issues exist in web entry points that accept user-controlled parameters: cat_id in courses_login.php, id in news_read.php, id in lessons_login.php, and cur in a start action to lessons_login.php. An attacker can inject ar...