CVE-2009-0594

UNRATEDCross-site scripting

Description

Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

Affected products

apmuthu / phpskelsite1.4 – 1.4

References

MISChttp://www.securityfocus.com/bid/33092
EXPLOIThttps://www.exploit-db.com/exploits/7648
VENDOR_ADVISORYhttp://secunia.com/advisories/33382