CVE-2004-2351 Information

Description

Cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters including (1) name (2) email (3) city and (4) message which do not use the script and style tags which are filtered by PHP-Nuke.

Reference

http://securitytracker.com/id?1008930 http://www.securityfocus.com/archive/1/352373 http://www.securityfocus.com/bid/9559 https://exchange.xforce.ibmcloud.com/vulnerabilities/15027