CVE-2003-1372 Information

Description

Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8 and possibly earlier versions allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.

Reference

http://archives.neohapsis.com/archives/bugtraq/2003-02/0231.html http://secunia.com/advisories/8125 http://www.osvdb.org/3931 http://www.securityfocus.com/bid/6892 https://exchange.xforce.ibmcloud.com/vulnerabilities/11376