CVE-2008-0497
30.01.2008, 22:00
Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS 3.31 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, which is not quoted when processing PHP_SELF.
Vendor | Product | Version |
---|---|---|
nucleus_cms | nucleus_cms | 3.31 |
𝑥
= Vulnerable software versions
References