CVE-2009-3506

Publication date

2009-10-01 14:00:00

Family

mitre

State

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in CMSphp 0.21 allow remote attackers to inject arbitrary web script or HTML via the (1) cook_user parameter to index.php and the (2) name parameter to modules.php.