Description
Multiple cross-site scripting (XSS) vulnerabilities in review.php in phpMyDirectory 10.1.3-rel allow remote attackers to inject arbitrary web script or HTML via the (1) subcat, (2) page, or (3) subsubcat parameter.
Affected products
- accomplishtechnology / phpmydirectory10.1.3 – 10.1.3
References
- MISChttp://www.securityfocus.com/bid/12900
- MAILING_LISThttp://marc.info/?l=bugtraq&m=111176904423360&w=2
- VENDOR_ADVISORYhttp://secunia.com/advisories/14692