RSS   Vulnerabilities for 'Nucleus cms'   RSS

2008-01-30
 
CVE-2008-0497

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS 3.31 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, which is not quoted when processing PHP_SELF.

 
2007-10-12
 
CVE-2007-5429

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in index.php in Nucleus 3.01 allows remote attackers to inject arbitrary web script or HTML via the archive parameter.

 
2007-01-11
 
CVE-2006-6920

 

 
Cross-site scripting (XSS) vulnerability in Nucleus before 3.24 allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly involving (1) lib/ADMIN.php and (2) lib/SKIN.php.

 

 >>> Vendor: Nucleus cms 2 Products
Nucleus cms
Nucleus


Copyright 2024, cxsecurity.com

 

Back to Top